Port the AWS Fleet Provisioning demo from the CSDK (#724)

* Add fleet provisioning and tinycbor submodules

* Copy demo files from FP in CSDK and the Defender Demo

* Modify FP demo files to function in FreeRTOS

* Update styling and formatting of demo files to match FreeRTOS conventions

Co-authored-by: Archit Gupta <71798289+archigup@users.noreply.github.com>

26 files changed, 6748 insertions, 9 deletions

diff --git a/.gitmodules b/.gitmodules
index 5a444ff52..4f7148857 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -64,3 +64,9 @@
 [submodule "FreeRTOS-Plus/Source/FreeRTOS-Cellular-Interface"]
 	path = FreeRTOS-Plus/Source/FreeRTOS-Cellular-Interface
 	url = https://github.com/FreeRTOS/Lab-Project-FreeRTOS-Cellular-Library.git
+[submodule "FreeRTOS-Plus/ThirdParty/tinycbor"]
+	path = FreeRTOS-Plus/ThirdParty/tinycbor
+	url = https://github.com/intel/tinycbor.git
+[submodule "FreeRTOS-Plus/Source/AWS/fleet-provisioning"]
+	path = FreeRTOS-Plus/Source/AWS/fleet-provisioning
+	url = https://github.com/aws/Fleet-Provisioning-for-AWS-IoT-embedded-sdk.git
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/DemoTasks/FleetProvisioningDemoExample.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/DemoTasks/FleetProvisioningDemoExample.c
new file mode 100644
index 000000000..22828e17a
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/DemoTasks/FleetProvisioningDemoExample.c
@@ -0,0 +1,828 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/*
+ * Demo for showing use of the Fleet Provisioning library to use the Fleet
+ * Provisioning feature of AWS IoT Core for provisioning devices with
+ * credentials. This demo shows how a device can be provisioned with AWS IoT
+ * Core using the Certificate Signing Request workflow of the Fleet
+ * Provisioning feature.
+ *
+ * The Fleet Provisioning library provides macros and helper functions for
+ * assembling MQTT topics strings, and for determining whether an incoming MQTT
+ * message is related to the Fleet Provisioning API of AWS IoT Core. The Fleet
+ * Provisioning library does not depend on any particular MQTT library,
+ * therefore the functionality for MQTT operations is placed in another file
+ * (mqtt_operations.c). This demo uses the coreMQTT library. If needed,
+ * mqtt_operations.c can be modified to replace coreMQTT with another MQTT
+ * library. This demo requires using the AWS IoT Core broker as Fleet
+ * Provisioning is an AWS IoT Core feature.
+ *
+ * This demo provisions a device certificate using the provisioning by claim
+ * workflow with a Certificate Signing Request (CSR). The demo connects to AWS
+ * IoT Core using provided claim credentials (whose certificate needs to be
+ * registered with IoT Core before running this demo), subscribes to the
+ * CreateCertificateFromCsr topics, and obtains a certificate. It then
+ * subscribes to the RegisterThing topics and activates the certificate and
+ * obtains a Thing using the provisioning template. Finally, it reconnects to
+ * AWS IoT Core using the new credentials.
+ */
+
+/* Standard includes. */
+#include <stdlib.h>
+#include <stdint.h>
+#include <stdbool.h>
+
+/* Kernel includes. */
+#include "FreeRTOS.h"
+#include "task.h"
+
+/* Demo Config */
+#include "demo_config.h"
+
+/* mbedTLS include for configuring threading functions */
+#include "mbedtls/threading.h"
+#include "threading_alt.h"
+
+/* TinyCBOR library for CBOR encoding and decoding operations. */
+#include "cbor.h"
+
+/* corePKCS11 includes. */
+#include "core_pkcs11.h"
+#include "core_pkcs11_config.h"
+
+/* AWS IoT Fleet Provisioning Library. */
+#include "fleet_provisioning.h"
+
+/* Demo includes. */
+#include "mqtt_operations.h"
+#include "pkcs11_operations.h"
+#include "tinycbor_serializer.h"
+#include "using_mbedtls_pkcs11.h"
+
+/**
+ * These configurations are required. Throw compilation error if it is not
+ * defined.
+ */
+#ifndef democonfigPROVISIONING_TEMPLATE_NAME
+    #error "Please define democonfigPROVISIONING_TEMPLATE_NAME to the template name registered with AWS IoT Core in demo_config.h."
+#endif
+#ifndef democonfigROOT_CA_PEM
+    #error "Please define Root CA certificate of the MQTT broker(democonfigROOT_CA_PEM) in demo_config.h."
+#endif
+
+/**
+ * @brief The length of #democonfigPROVISIONING_TEMPLATE_NAME.
+ */
+#define fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH    ( ( uint16_t ) ( sizeof( democonfigPROVISIONING_TEMPLATE_NAME ) - 1 ) )
+
+/**
+ * @brief The length of #democonfigFP_DEMO_ID.
+ */
+#define fpdemoFP_DEMO_ID_LENGTH                    ( ( uint16_t ) ( sizeof( democonfigFP_DEMO_ID ) - 1 ) )
+
+/**
+ * @brief Size of AWS IoT Thing name buffer.
+ *
+ * See https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThing.html#iot-CreateThing-request-thingName
+ */
+#define fpdemoMAX_THING_NAME_LENGTH                128
+
+/**
+ * @brief The maximum number of times to run the loop in this demo.
+ *
+ * @note The demo loop is attempted to re-run only if it fails in an iteration.
+ * Once the demo loop succeeds in an iteration, the demo exits successfully.
+ */
+#ifndef fpdemoMAX_DEMO_LOOP_COUNT
+    #define fpdemoMAX_DEMO_LOOP_COUNT    ( 3 )
+#endif
+
+/**
+ * @brief Time in seconds to wait between retries of the demo loop if
+ * demo loop fails.
+ */
+#define fpdemoDELAY_BETWEEN_DEMO_RETRY_ITERATIONS_SECONDS    ( 5 )
+
+/**
+ * @brief Size of buffer in which to hold the certificate signing request (CSR).
+ */
+#define fpdemoCSR_BUFFER_LENGTH                              2048
+
+/**
+ * @brief Size of buffer in which to hold the certificate.
+ */
+#define fpdemoCERT_BUFFER_LENGTH                             2048
+
+/**
+ * @brief Size of buffer in which to hold the certificate id.
+ *
+ * See https://docs.aws.amazon.com/iot/latest/apireference/API_Certificate.html#iot-Type-Certificate-certificateId
+ */
+#define fpdemoCERT_ID_BUFFER_LENGTH                          64
+
+/**
+ * @brief Size of buffer in which to hold the certificate ownership token.
+ */
+#define fpdemoOWNERSHIP_TOKEN_BUFFER_LENGTH                  512
+
+/**
+ * @brief Milliseconds per second.
+ */
+#define fpdemoMILLISECONDS_PER_SECOND                        ( 1000U )
+
+/**
+ * @brief Milliseconds per FreeRTOS tick.
+ */
+#define fpdemoMILLISECONDS_PER_TICK                          ( fpdemoMILLISECONDS_PER_SECOND / configTICK_RATE_HZ )
+
+/**
+ * @brief Status values of the Fleet Provisioning response.
+ */
+typedef enum
+{
+    ResponseNotReceived,
+    ResponseAccepted,
+    ResponseRejected
+} ResponseStatus_t;
+
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Status reported from the MQTT publish callback.
+ */
+static ResponseStatus_t xResponseStatus;
+
+/**
+ * @brief Buffer to hold the provisioned AWS IoT Thing name.
+ */
+static char pcThingName[ fpdemoMAX_THING_NAME_LENGTH ];
+
+/**
+ * @brief Length of the AWS IoT Thing name.
+ */
+static size_t xThingNameLength;
+
+/**
+ * @brief Buffer to hold responses received from the AWS IoT Fleet Provisioning
+ * APIs. When the MQTT publish callback receives an expected Fleet Provisioning
+ * accepted payload, it copies it into this buffer.
+ */
+static uint8_t pucPayloadBuffer[ democonfigNETWORK_BUFFER_SIZE ];
+
+/**
+ * @brief Length of the payload stored in #pucPayloadBuffer. This is set by the
+ * MQTT publish callback when it copies a received payload into #pucPayloadBuffer.
+ */
+static size_t xPayloadLength;
+
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Each compilation unit that consumes the NetworkContext must define it.
+ * It should contain a single pointer to the type of your desired transport.
+ * When using multiple transports in the same compilation unit, define this pointer as void *.
+ *
+ * @note Transport stacks are defined in FreeRTOS-Plus/Source/Application-Protocols/network_transport.
+ */
+struct NetworkContext
+{
+    TlsTransportParams_t * pxParams;
+};
+
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Callback to receive the incoming publish messages from the MQTT
+ * broker. Sets xResponseStatus if an expected CreateCertificateFromCsr or
+ * RegisterThing response is received, and copies the response into
+ * responseBuffer if the response is an accepted one.
+ *
+ * @param[in] pPublishInfo Pointer to publish info of the incoming publish.
+ * @param[in] usPacketIdentifier Packet identifier of the incoming publish.
+ */
+static void prvProvisioningPublishCallback( MQTTPublishInfo_t * pPublishInfo,
+                                            uint16_t usPacketIdentifier );
+
+/**
+ * @brief Run the MQTT process loop to get a response.
+ */
+static bool prvWaitForResponse( void );
+
+/**
+ * @brief Subscribe to the CreateCertificateFromCsr accepted and rejected topics.
+ */
+static bool prvSubscribeToCsrResponseTopics( void );
+
+/**
+ * @brief Unsubscribe from the CreateCertificateFromCsr accepted and rejected topics.
+ */
+static bool prvUnsubscribeFromCsrResponseTopics( void );
+
+/**
+ * @brief Subscribe to the RegisterThing accepted and rejected topics.
+ */
+static bool prvSubscribeToRegisterThingResponseTopics( void );
+
+/**
+ * @brief Unsubscribe from the RegisterThing accepted and rejected topics.
+ */
+static bool prvUnsubscribeFromRegisterThingResponseTopics( void );
+
+/**
+ * @brief The task used to demonstrate the FP API.
+ *
+ * This task uses the provided claim key and certificate files to connect to
+ * AWS and use PKCS #11 to generate a new device key and certificate with a CSR.
+ * The task then creates a new Thing with the Fleet Provisioning API using the
+ * newly-created credentials. The task finishes by connecting to the newly-created
+ * Thing to verify that it was successfully created and accessible using the key/cert.
+ *
+ * @param[in] pvParameters Parameters as passed at the time of task creation.
+ * Not used in this example.
+ */
+static int prvFleetProvisioningTask( void * pvParameters );
+
+
+/*-----------------------------------------------------------*/
+
+static void prvProvisioningPublishCallback( MQTTPublishInfo_t * pPublishInfo,
+                                            uint16_t usPacketIdentifier )
+{
+    FleetProvisioningStatus_t status;
+    FleetProvisioningTopic_t api;
+
+    /* Silence compiler warnings about unused variables. */
+    ( void ) usPacketIdentifier;
+
+    status = FleetProvisioning_MatchTopic( pPublishInfo->pTopicName,
+                                           pPublishInfo->topicNameLength, &api );
+
+    if( status != FleetProvisioningSuccess )
+    {
+        LogWarn( ( "Unexpected publish message received. Topic: %.*s.",
+                   ( int ) pPublishInfo->topicNameLength,
+                   ( const char * ) pPublishInfo->pTopicName ) );
+    }
+    else
+    {
+        if( api == FleetProvCborCreateCertFromCsrAccepted )
+        {
+            LogInfo( ( "Received accepted response from Fleet Provisioning CreateCertificateFromCsr API." ) );
+
+            xResponseStatus = ResponseAccepted;
+
+            /* Copy the payload from the MQTT library's buffer to #pucPayloadBuffer. */
+            ( void ) memcpy( ( void * ) pucPayloadBuffer,
+                             ( const void * ) pPublishInfo->pPayload,
+                             ( size_t ) pPublishInfo->payloadLength );
+
+            xPayloadLength = pPublishInfo->payloadLength;
+        }
+        else if( api == FleetProvCborCreateCertFromCsrRejected )
+        {
+            LogError( ( "Received rejected response from Fleet Provisioning CreateCertificateFromCsr API." ) );
+
+            xResponseStatus = ResponseRejected;
+        }
+        else if( api == FleetProvCborRegisterThingAccepted )
+        {
+            LogInfo( ( "Received accepted response from Fleet Provisioning RegisterThing API." ) );
+
+            xResponseStatus = ResponseAccepted;
+
+            /* Copy the payload from the MQTT library's buffer to #pucPayloadBuffer. */
+            ( void ) memcpy( ( void * ) pucPayloadBuffer,
+                             ( const void * ) pPublishInfo->pPayload,
+                             ( size_t ) pPublishInfo->payloadLength );
+
+            xPayloadLength = pPublishInfo->payloadLength;
+        }
+        else if( api == FleetProvCborRegisterThingRejected )
+        {
+            LogError( ( "Received rejected response from Fleet Provisioning RegisterThing API." ) );
+
+            xResponseStatus = ResponseRejected;
+        }
+        else
+        {
+            LogError( ( "Received message on unexpected Fleet Provisioning topic. Topic: %.*s.",
+                        ( int ) pPublishInfo->topicNameLength,
+                        ( const char * ) pPublishInfo->pTopicName ) );
+        }
+    }
+}
+/*-----------------------------------------------------------*/
+
+static bool prvWaitForResponse( void )
+{
+    bool xStatus = false;
+
+    xResponseStatus = ResponseNotReceived;
+
+    /* xResponseStatus is updated from the MQTT publish callback. */
+    ( void ) xProcessLoop();
+
+    if( xResponseStatus == ResponseNotReceived )
+    {
+        LogError( ( "Timed out waiting for response." ) );
+    }
+
+    if( xResponseStatus == ResponseAccepted )
+    {
+        xStatus = true;
+    }
+
+    return xStatus;
+}
+/*-----------------------------------------------------------*/
+
+static bool prvSubscribeToCsrResponseTopics( void )
+{
+    bool xStatus;
+
+    xStatus = xSubscribeToTopic( FP_CBOR_CREATE_CERT_ACCEPTED_TOPIC,
+                                 FP_CBOR_CREATE_CERT_ACCEPTED_LENGTH );
+
+    if( xStatus == false )
+    {
+        LogError( ( "Failed to subscribe to fleet provisioning topic: %.*s.",
+                    FP_CBOR_CREATE_CERT_ACCEPTED_LENGTH,
+                    FP_CBOR_CREATE_CERT_ACCEPTED_TOPIC ) );
+    }
+
+    if( xStatus == true )
+    {
+        xStatus = xSubscribeToTopic( FP_CBOR_CREATE_CERT_REJECTED_TOPIC,
+                                     FP_CBOR_CREATE_CERT_REJECTED_LENGTH );
+
+        if( xStatus == false )
+        {
+            LogError( ( "Failed to subscribe to fleet provisioning topic: %.*s.",
+                        FP_CBOR_CREATE_CERT_REJECTED_LENGTH,
+                        FP_CBOR_CREATE_CERT_REJECTED_TOPIC ) );
+        }
+    }
+
+    return xStatus;
+}
+/*-----------------------------------------------------------*/
+
+static bool prvUnsubscribeFromCsrResponseTopics( void )
+{
+    bool xStatus;
+
+    xStatus = xUnsubscribeFromTopic( FP_CBOR_CREATE_CERT_ACCEPTED_TOPIC,
+                                     FP_CBOR_CREATE_CERT_ACCEPTED_LENGTH );
+
+    if( xStatus == false )
+    {
+        LogError( ( "Failed to unsubscribe from fleet provisioning topic: %.*s.",
+                    FP_CBOR_CREATE_CERT_ACCEPTED_LENGTH,
+                    FP_CBOR_CREATE_CERT_ACCEPTED_TOPIC ) );
+    }
+
+    if( xStatus == true )
+    {
+        xStatus = xUnsubscribeFromTopic( FP_CBOR_CREATE_CERT_REJECTED_TOPIC,
+                                         FP_CBOR_CREATE_CERT_REJECTED_LENGTH );
+
+        if( xStatus == false )
+        {
+            LogError( ( "Failed to unsubscribe from fleet provisioning topic: %.*s.",
+                        FP_CBOR_CREATE_CERT_REJECTED_LENGTH,
+                        FP_CBOR_CREATE_CERT_REJECTED_TOPIC ) );
+        }
+    }
+
+    return xStatus;
+}
+/*-----------------------------------------------------------*/
+
+static bool prvSubscribeToRegisterThingResponseTopics( void )
+{
+    bool xStatus;
+
+    xStatus = xSubscribeToTopic( FP_CBOR_REGISTER_ACCEPTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ),
+                                 FP_CBOR_REGISTER_ACCEPTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ) );
+
+    if( xStatus == false )
+    {
+        LogError( ( "Failed to subscribe to fleet provisioning topic: %.*s.",
+                    FP_CBOR_REGISTER_ACCEPTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                    FP_CBOR_REGISTER_ACCEPTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ) ) );
+    }
+
+    if( xStatus == true )
+    {
+        xStatus = xSubscribeToTopic( FP_CBOR_REGISTER_REJECTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ),
+                                     FP_CBOR_REGISTER_REJECTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ) );
+
+        if( xStatus == false )
+        {
+            LogError( ( "Failed to subscribe to fleet provisioning topic: %.*s.",
+                        FP_CBOR_REGISTER_REJECTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                        FP_CBOR_REGISTER_REJECTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ) ) );
+        }
+    }
+
+    return xStatus;
+}
+/*-----------------------------------------------------------*/
+
+static bool prvUnsubscribeFromRegisterThingResponseTopics( void )
+{
+    bool xStatus;
+
+    xStatus = xUnsubscribeFromTopic( FP_CBOR_REGISTER_ACCEPTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ),
+                                     FP_CBOR_REGISTER_ACCEPTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ) );
+
+    if( xStatus == false )
+    {
+        LogError( ( "Failed to unsubscribe from fleet provisioning topic: %.*s.",
+                    FP_CBOR_REGISTER_ACCEPTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                    FP_CBOR_REGISTER_ACCEPTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ) ) );
+    }
+
+    if( xStatus == true )
+    {
+        xStatus = xUnsubscribeFromTopic( FP_CBOR_REGISTER_REJECTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ),
+                                         FP_CBOR_REGISTER_REJECTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ) );
+
+        if( xStatus == false )
+        {
+            LogError( ( "Failed to unsubscribe from fleet provisioning topic: %.*s.",
+                        FP_CBOR_REGISTER_REJECTED_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                        FP_CBOR_REGISTER_REJECTED_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ) ) );
+        }
+    }
+
+    return xStatus;
+}
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Create the task that demonstrates the Fleet Provisioning library API
+ */
+void vStartFleetProvisioningDemo()
+{
+    /* Configure mbedTLS to use FreeRTOS specific threading function. */
+    mbedtls_threading_set_alt( mbedtls_platform_mutex_init,
+                               mbedtls_platform_mutex_free,
+                               mbedtls_platform_mutex_lock,
+                               mbedtls_platform_mutex_unlock );
+
+    /* This example uses a single application task, which shows that how to use
+     * Device Defender library to generate and validate AWS IoT Device Defender
+     * MQTT topics, and use the coreMQTT library to communicate with the AWS
+     * IoT Device Defender service. */
+    xTaskCreate( prvFleetProvisioningTask, /* Function that implements the task. */
+                 "DemoTask",               /* Text name for the task - only used for debugging. */
+                 democonfigDEMO_STACKSIZE, /* Size of stack (in words, not bytes) to allocate for the task. */
+                 NULL,                     /* Task parameter - not used in this case. */
+                 tskIDLE_PRIORITY,         /* Task priority, must be between 0 and configMAX_PRIORITIES - 1. */
+                 NULL );                   /* Used to pass out a handle to the created task - not used in this case. */
+}
+
+/* This example uses a single application task, which shows that how to use
+ * the Fleet Provisioning library to generate and validate AWS IoT Fleet
+ * Provisioning MQTT topics, and use the coreMQTT library to communicate with
+ * the AWS IoT Fleet Provisioning APIs. */
+int prvFleetProvisioningTask( void * pvParameters )
+{
+    bool xStatus = false;
+    /* Buffer for holding the CSR. */
+    char pcCsr[ fpdemoCSR_BUFFER_LENGTH ] = { 0 };
+    size_t xCsrLength = 0;
+    /* Buffer for holding received certificate until it is saved. */
+    char pcCertificate[ fpdemoCERT_BUFFER_LENGTH ];
+    size_t xCertificateLength;
+    /* Buffer for holding the certificate ID. */
+    char pcCertificateId[ fpdemoCERT_ID_BUFFER_LENGTH ];
+    size_t xCertificateIdLength;
+    /* Buffer for holding the certificate ownership token. */
+    char pcOwnershipToken[ fpdemoOWNERSHIP_TOKEN_BUFFER_LENGTH ];
+    size_t xOwnershipTokenLength;
+    bool xConnectionEstablished = false;
+    CK_SESSION_HANDLE xP11Session;
+    uint32_t ulDemoRunCount = 0U;
+    CK_RV xPkcs11Ret = CKR_OK;
+
+
+    NetworkContext_t xNetworkContext = { 0 };
+    TlsTransportParams_t xTlsTransportParams = { 0 };
+
+    /* Silence compiler warnings about unused variables. */
+    ( void ) pvParameters;
+
+    /* Set the pParams member of the network context with desired transport. */
+    xNetworkContext.pxParams = &xTlsTransportParams;
+
+    do
+    {
+        /* Initialize the buffer lengths to their max lengths. */
+        xCertificateLength = fpdemoCERT_BUFFER_LENGTH;
+        xCertificateIdLength = fpdemoCERT_ID_BUFFER_LENGTH;
+        xOwnershipTokenLength = fpdemoOWNERSHIP_TOKEN_BUFFER_LENGTH;
+
+        /* Initialize the PKCS #11 module */
+        xPkcs11Ret = xInitializePkcs11Session( &xP11Session );
+
+        if( xPkcs11Ret != CKR_OK )
+        {
+            LogError( ( "Failed to initialize PKCS #11." ) );
+            xStatus = false;
+        }
+        else
+        {
+            xStatus = xGenerateKeyAndCsr( xP11Session,
+                                          pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS,
+                                          pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS,
+                                          pcCsr,
+                                          fpdemoCSR_BUFFER_LENGTH,
+                                          &xCsrLength );
+
+            if( xStatus == false )
+            {
+                LogError( ( "Failed to generate Key and Certificate Signing Request." ) );
+            }
+
+            xPkcs11CloseSession( xP11Session );
+        }
+
+        /**** Connect to AWS IoT Core with provisioning claim credentials *****/
+
+        /* We first use the claim credentials to connect to the broker. These
+         * credentials should allow use of the RegisterThing API and one of the
+         * CreateCertificatefromCsr or CreateKeysAndCertificate.
+         * In this demo we use CreateCertificatefromCsr. */
+        if( xStatus == true )
+        {
+            /* Attempts to connect to the AWS IoT MQTT broker. If the
+             * connection fails, retries after a timeout. Timeout value will
+             * exponentially increase until maximum attempts are reached. */
+            LogInfo( ( "Establishing MQTT session with claim certificate..." ) );
+            xStatus = xEstablishMqttSession( prvProvisioningPublishCallback,
+                                             pkcs11configLABEL_CLAIM_CERTIFICATE,
+                                             pkcs11configLABEL_CLAIM_PRIVATE_KEY );
+
+            if( xStatus == false )
+            {
+                LogError( ( "Failed to establish MQTT session." ) );
+            }
+            else
+            {
+                LogInfo( ( "Established connection with claim credentials." ) );
+                xConnectionEstablished = true;
+            }
+        }
+
+        /**** Call the CreateCertificateFromCsr API ***************************/
+
+        /* We use the CreateCertificatefromCsr API to obtain a client certificate
+         * for a key on the device by means of sending a certificate signing
+         * request (CSR). */
+        if( xStatus == true )
+        {
+            /* Subscribe to the CreateCertificateFromCsr accepted and rejected
+             * topics. In this demo we use CBOR encoding for the payloads,
+             * so we use the CBOR variants of the topics. */
+            xStatus = prvSubscribeToCsrResponseTopics();
+        }
+
+        if( xStatus == true )
+        {
+            /* Create the request payload containing the CSR to publish to the
+             * CreateCertificateFromCsr APIs. */
+            xStatus = xGenerateCsrRequest( pucPayloadBuffer,
+                                           democonfigNETWORK_BUFFER_SIZE,
+                                           pcCsr,
+                                           xCsrLength,
+                                           &xPayloadLength );
+        }
+
+        if( xStatus == true )
+        {
+            /* Publish the CSR to the CreateCertificatefromCsr API. */
+            xPublishToTopic( FP_CBOR_CREATE_CERT_PUBLISH_TOPIC,
+                             FP_CBOR_CREATE_CERT_PUBLISH_LENGTH,
+                             ( char * ) pucPayloadBuffer,
+                             xPayloadLength );
+
+            if( xStatus == false )
+            {
+                LogError( ( "Failed to publish to fleet provisioning topic: %.*s.",
+                            FP_CBOR_CREATE_CERT_PUBLISH_LENGTH,
+                            FP_CBOR_CREATE_CERT_PUBLISH_TOPIC ) );
+            }
+        }
+
+        if( xStatus == true )
+        {
+            /* Get the response to the CreateCertificatefromCsr request. */
+            xStatus = prvWaitForResponse();
+        }
+
+        if( xStatus == true )
+        {
+            /* From the response, extract the certificate, certificate ID, and
+             * certificate ownership token. */
+            xStatus = xParseCsrResponse( pucPayloadBuffer,
+                                         xPayloadLength,
+                                         pcCertificate,
+                                         &xCertificateLength,
+                                         pcCertificateId,
+                                         &xCertificateIdLength,
+                                         pcOwnershipToken,
+                                         &xOwnershipTokenLength );
+
+            if( xStatus == true )
+            {
+                LogInfo( ( "Received certificate with Id: %.*s", ( int ) xCertificateIdLength, pcCertificateId ) );
+            }
+        }
+
+        if( xStatus == true )
+        {
+            /* Save the certificate into PKCS #11. */
+            xStatus = xLoadCertificate( xP11Session,
+                                        pcCertificate,
+                                        pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS,
+                                        xCertificateLength );
+        }
+
+        if( xStatus == true )
+        {
+            /* Unsubscribe from the CreateCertificateFromCsr topics. */
+            xStatus = prvUnsubscribeFromCsrResponseTopics();
+        }
+
+        /**** Call the RegisterThing API **************************************/
+
+        /* We then use the RegisterThing API to activate the received certificate,
+         * provision AWS IoT resources according to the provisioning template, and
+         * receive device configuration. */
+        if( xStatus == true )
+        {
+            /* Create the request payload to publish to the RegisterThing API. */
+            xStatus = xGenerateRegisterThingRequest( pucPayloadBuffer,
+                                                     democonfigNETWORK_BUFFER_SIZE,
+                                                     pcOwnershipToken,
+                                                     xOwnershipTokenLength,
+                                                     democonfigFP_DEMO_ID,
+                                                     fpdemoFP_DEMO_ID_LENGTH,
+                                                     &xPayloadLength );
+        }
+
+        if( xStatus == true )
+        {
+            /* Subscribe to the RegisterThing response topics. */
+            xStatus = prvSubscribeToRegisterThingResponseTopics();
+        }
+
+        if( xStatus == true )
+        {
+            /* Publish the RegisterThing request. */
+            xPublishToTopic( FP_CBOR_REGISTER_PUBLISH_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ),
+                             FP_CBOR_REGISTER_PUBLISH_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                             ( char * ) pucPayloadBuffer,
+                             xPayloadLength );
+
+            if( xStatus == false )
+            {
+                LogError( ( "Failed to publish to fleet provisioning topic: %.*s.",
+                            FP_CBOR_REGISTER_PUBLISH_LENGTH( fpdemoPROVISIONING_TEMPLATE_NAME_LENGTH ),
+                            FP_CBOR_REGISTER_PUBLISH_TOPIC( democonfigPROVISIONING_TEMPLATE_NAME ) ) );
+            }
+        }
+
+        if( xStatus == true )
+        {
+            /* Get the response to the RegisterThing request. */
+            xStatus = prvWaitForResponse();
+        }
+
+        if( xStatus == true )
+        {
+            /* Extract the Thing name from the response. */
+            xThingNameLength = fpdemoMAX_THING_NAME_LENGTH;
+            xStatus = xParseRegisterThingResponse( pucPayloadBuffer,
+                                                   xPayloadLength,
+                                                   pcThingName,
+                                                   &xThingNameLength );
+
+            if( xStatus == true )
+            {
+                LogInfo( ( "Received AWS IoT Thing name: %.*s", ( int ) xThingNameLength, pcThingName ) );
+            }
+        }
+
+        if( xStatus == true )
+        {
+            /* Unsubscribe from the RegisterThing topics. */
+            prvUnsubscribeFromRegisterThingResponseTopics();
+        }
+
+        /**** Disconnect from AWS IoT Core ************************************/
+
+        /* As we have completed the provisioning workflow, we disconnect from
+         * the connection using the provisioning claim credentials. We will
+         * establish a new MQTT connection with the newly provisioned
+         * credentials. */
+        if( xConnectionEstablished == true )
+        {
+            xDisconnectMqttSession();
+            xConnectionEstablished = false;
+        }
+
+        /**** Connect to AWS IoT Core with provisioned certificate ************/
+
+        if( xStatus == true )
+        {
+            LogInfo( ( "Establishing MQTT session with provisioned certificate..." ) );
+            xStatus = xEstablishMqttSession( prvProvisioningPublishCallback,
+                                             pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS,
+                                             pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS );
+
+            if( xStatus != true )
+            {
+                LogError( ( "Failed to establish MQTT session with provisioned "
+                            "credentials. Verify on your AWS account that the "
+                            "new certificate is active and has an attached IoT "
+                            "Policy that allows the \"iot:Connect\" action." ) );
+            }
+            else
+            {
+                LogInfo( ( "Sucessfully established connection with provisioned credentials." ) );
+                xConnectionEstablished = true;
+            }
+        }
+
+        /**** Finish **********************************************************/
+
+        if( xConnectionEstablished == true )
+        {
+            /* Close the connection. */
+            xDisconnectMqttSession();
+            xConnectionEstablished = false;
+        }
+
+        /**** Retry in case of failure ****************************************/
+
+        /* Increment the demo run count. */
+        ulDemoRunCount++;
+
+        if( xStatus == true )
+        {
+            LogInfo( ( "Demo iteration %d is successful.", ulDemoRunCount ) );
+        }
+        /* Attempt to retry a failed iteration of demo for up to #fpdemoMAX_DEMO_LOOP_COUNT times. */
+        else if( ulDemoRunCount < fpdemoMAX_DEMO_LOOP_COUNT )
+        {
+            LogWarn( ( "Demo iteration %d failed. Retrying...", ulDemoRunCount ) );
+            vTaskDelay( fpdemoDELAY_BETWEEN_DEMO_RETRY_ITERATIONS_SECONDS );
+        }
+        /* Failed all #fpdemoMAX_DEMO_LOOP_COUNT demo iterations. */
+        else
+        {
+            LogError( ( "All %d demo iterations failed.", fpdemoMAX_DEMO_LOOP_COUNT ) );
+            break;
+        }
+    } while( xStatus != true );
+
+    /* Log demo success. */
+    if( xStatus == true )
+    {
+        LogInfo( ( "Demo completed successfully." ) );
+    }
+
+    /* Delete this task. */
+    LogInfo( ( "Deleting Fleet Provisioning Demo task." ) );
+    vTaskDelete( NULL );
+
+    return ( xStatus == true ) ? EXIT_SUCCESS : EXIT_FAILURE;
+}
+/*-----------------------------------------------------------*/
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSConfig.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSConfig.h
new file mode 100644
index 000000000..4d7ac7acc
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSConfig.h
@@ -0,0 +1,200 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef FREERTOS_CONFIG_H
+#define FREERTOS_CONFIG_H
+
+/*-----------------------------------------------------------
+* Application specific definitions.
+*
+* These definitions should be adjusted for your particular hardware and
+* application requirements.
+*
+* THESE PARAMETERS ARE DESCRIBED WITHIN THE 'CONFIGURATION' SECTION OF THE
+* FreeRTOS API DOCUMENTATION AVAILABLE ON THE FreeRTOS.org WEB SITE.
+* http://www.freertos.org/a00110.html
+*
+* The bottom of this file contains some constants specific to running the UDP
+* stack in this demo.  Constants specific to FreeRTOS+TCP itself (rather than
+* the demo) are contained in FreeRTOSIPConfig.h.
+*----------------------------------------------------------*/
+#define configUSE_PREEMPTION                       1
+#define configUSE_PORT_OPTIMISED_TASK_SELECTION    1
+#define configMAX_PRIORITIES                       ( 7 )
+#define configTICK_RATE_HZ                         ( 1000 )                  /* In this non-real time simulated environment the tick frequency has to be at least a multiple of the Win32 tick frequency, and therefore very slow. */
+#define configMINIMAL_STACK_SIZE                   ( ( unsigned short ) 60 ) /* In this simulated case, the stack only has to hold one small structure as the real stack is part of the Win32 thread. */
+#define configTOTAL_HEAP_SIZE                      ( ( size_t ) ( 2048U * 1024U ) )
+#define configMAX_TASK_NAME_LEN                    ( 15 )
+#define configUSE_TRACE_FACILITY                   1
+#define configUSE_STATS_FORMATTING_FUNCTIONS       0
+#define configUSE_16_BIT_TICKS                     0
+#define configIDLE_SHOULD_YIELD                    1
+#define configUSE_CO_ROUTINES                      0
+#define configUSE_MUTEXES                          1
+#define configUSE_RECURSIVE_MUTEXES                1
+#define configQUEUE_REGISTRY_SIZE                  0
+#define configUSE_APPLICATION_TASK_TAG             0
+#define configUSE_COUNTING_SEMAPHORES              1
+#define configUSE_ALTERNATIVE_API                  0
+#define configNUM_THREAD_LOCAL_STORAGE_POINTERS    0
+#define configENABLE_BACKWARD_COMPATIBILITY        1
+#define configSUPPORT_STATIC_ALLOCATION            1
+
+/* Hook function related definitions. */
+#define configUSE_TICK_HOOK                        0
+#define configUSE_IDLE_HOOK                        0
+#define configUSE_MALLOC_FAILED_HOOK               0
+#define configCHECK_FOR_STACK_OVERFLOW             0 /* Not applicable to the Win32 port. */
+
+/* Software timer related definitions. */
+#define configUSE_TIMERS                           1
+#define configTIMER_TASK_PRIORITY                  ( configMAX_PRIORITIES - 1 )
+#define configTIMER_QUEUE_LENGTH                   5
+#define configTIMER_TASK_STACK_DEPTH               ( configMINIMAL_STACK_SIZE * 2 )
+
+/* Event group related definitions. */
+#define configUSE_EVENT_GROUPS                     1
+
+/* Run time stats gathering configuration options. */
+#define configGENERATE_RUN_TIME_STATS              0
+
+/* Co-routine definitions. */
+#define configUSE_CO_ROUTINES                      0
+#define configMAX_CO_ROUTINE_PRIORITIES            ( 2 )
+
+/* Set the following definitions to 1 to include the API function, or zero
+ * to exclude the API function. */
+#define INCLUDE_vTaskPrioritySet                   1
+#define INCLUDE_uxTaskPriorityGet                  1
+#define INCLUDE_vTaskDelete                        1
+#define INCLUDE_vTaskCleanUpResources              0
+#define INCLUDE_vTaskSuspend                       1
+#define INCLUDE_vTaskDelayUntil                    1
+#define INCLUDE_vTaskDelay                         1
+#define INCLUDE_uxTaskGetStackHighWaterMark        1
+#define INCLUDE_xTaskGetSchedulerState             1
+#define INCLUDE_xTimerGetTimerTaskHandle           0
+#define INCLUDE_xTaskGetIdleTaskHandle             0
+#define INCLUDE_xQueueGetMutexHolder               1
+#define INCLUDE_eTaskGetState                      1
+#define INCLUDE_xEventGroupSetBitsFromISR          1
+#define INCLUDE_xTimerPendFunctionCall             1
+#define INCLUDE_pcTaskGetTaskName                  1
+
+/* Assert call defined for debug builds. */
+#ifdef _DEBUG
+    extern void vAssertCalled( const char * pcFile,
+                               uint32_t ulLine );
+    #define configASSERT( x )    if( ( x ) == 0 ) vAssertCalled( __FILE__, __LINE__ )
+#endif /* _DEBUG */
+
+/* Application specific definitions follow. **********************************/
+
+/* Only used when running in the FreeRTOS Windows simulator.  Defines the
+ * priority of the task used to simulate Ethernet interrupts. */
+#define configMAC_ISR_SIMULATOR_PRIORITY    ( configMAX_PRIORITIES - 1 )
+
+/* This demo creates a virtual network connection by accessing the raw Ethernet
+ * or WiFi data to and from a real network connection.  Many computers have more
+ * than one real network port, and configNETWORK_INTERFACE_TO_USE is used to tell
+ * the demo which real port should be used to create the virtual port.  The ports
+ * available are displayed on the console when the application is executed.  For
+ * example, on my development laptop setting configNETWORK_INTERFACE_TO_USE to 4
+ * results in the wired network being used, while setting
+ * configNETWORK_INTERFACE_TO_USE to 2 results in the wireless network being
+ * used. */
+#define configNETWORK_INTERFACE_TO_USE      ( 0L )
+
+/* The address to which logging is sent should UDP logging be enabled. */
+#define configUDP_LOGGING_ADDR0             192
+#define configUDP_LOGGING_ADDR1             168
+#define configUDP_LOGGING_ADDR2             0
+#define configUDP_LOGGING_ADDR3             11
+
+/* Default MAC address configuration.  The demo creates a virtual network
+ * connection that uses this MAC address by accessing the raw Ethernet/WiFi data
+ * to and from a real network connection on the host PC.  See the
+ * configNETWORK_INTERFACE_TO_USE definition above for information on how to
+ * configure the real network connection to use. */
+#define configMAC_ADDR0                     0x00
+#define configMAC_ADDR1                     0x11
+#define configMAC_ADDR2                     0x11
+#define configMAC_ADDR3                     0x11
+#define configMAC_ADDR4                     0x11
+#define configMAC_ADDR5                     0x41
+
+/* Default IP address configuration.  Used in ipconfigUSE_DNS is set to 0, or
+ * ipconfigUSE_DNS is set to 1 but a DNS server cannot be contacted. */
+#define configIP_ADDR0                      10
+#define configIP_ADDR1                      10
+#define configIP_ADDR2                      10
+#define configIP_ADDR3                      200
+
+/* Default gateway IP address configuration.  Used in ipconfigUSE_DNS is set to
+ * 0, or ipconfigUSE_DNS is set to 1 but a DNS server cannot be contacted. */
+#define configGATEWAY_ADDR0                 10
+#define configGATEWAY_ADDR1                 10
+#define configGATEWAY_ADDR2                 10
+#define configGATEWAY_ADDR3                 1
+
+/* Default DNS server configuration.  OpenDNS addresses are 208.67.222.222 and
+ * 208.67.220.220.  Used in ipconfigUSE_DNS is set to 0, or ipconfigUSE_DNS is set
+ * to 1 but a DNS server cannot be contacted.*/
+#define configDNS_SERVER_ADDR0              208
+#define configDNS_SERVER_ADDR1              67
+#define configDNS_SERVER_ADDR2              222
+#define configDNS_SERVER_ADDR3              222
+
+/* Default netmask configuration.  Used in ipconfigUSE_DNS is set to 0, or
+ * ipconfigUSE_DNS is set to 1 but a DNS server cannot be contacted. */
+#define configNET_MASK0                     255
+#define configNET_MASK1                     0
+#define configNET_MASK2                     0
+#define configNET_MASK3                     0
+
+/* The UDP port to which print messages are sent. */
+#define configPRINT_PORT                    ( 15000 )
+
+
+#if ( defined( _MSC_VER ) && ( _MSC_VER <= 1600 ) && !defined( snprintf ) )
+    /* Map to Windows names. */
+    #define snprintf     _snprintf
+    #define vsnprintf    _vsnprintf
+#endif
+
+/* Visual studio does not have an implementation of strcasecmp(). */
+#define strcasecmp     _stricmp
+#define strncasecmp    _strnicmp
+#define strcmpi        _strcmpi
+
+/* Prototype for the function used to print out.  In this case it prints to the
+ * console before the network is connected then a UDP port after the network has
+ * connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+#define configPRINTF( X )    vLoggingPrintf X
+
+#endif /* FREERTOS_CONFIG_H */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSIPConfig.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSIPConfig.h
new file mode 100644
index 000000000..ee608471e
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/FreeRTOSIPConfig.h
@@ -0,0 +1,310 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+
+/*****************************************************************************
+*
+* See the following URL for configuration information.
+* http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_IP_Configuration.html
+*
+*****************************************************************************/
+
+#ifndef FREERTOS_IP_CONFIG_H
+#define FREERTOS_IP_CONFIG_H
+
+/* Prototype for the function used to print out.  In this case it prints to the
+ * console before the network is connected then a UDP port after the network has
+ * connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+
+/* Set to 1 to print out debug messages.  If ipconfigHAS_DEBUG_PRINTF is set to
+ * 1 then FreeRTOS_debug_printf should be defined to the function used to print
+ * out the debugging messages. */
+#define ipconfigHAS_DEBUG_PRINTF    0
+#if ( ipconfigHAS_DEBUG_PRINTF == 1 )
+    #define FreeRTOS_debug_printf( X )    vLoggingPrintf X
+#endif
+
+/* Set to 1 to print out non debugging messages, for example the output of the
+ * FreeRTOS_netstat() command, and ping replies.  If ipconfigHAS_PRINTF is set to 1
+ * then FreeRTOS_printf should be set to the function used to print out the
+ * messages. */
+#define ipconfigHAS_PRINTF    1
+#if ( ipconfigHAS_PRINTF == 1 )
+    #define FreeRTOS_printf( X )    vLoggingPrintf X
+#endif
+
+/* Define the byte order of the target MCU (the MCU FreeRTOS+TCP is executing
+ * on).  Valid options are pdFREERTOS_BIG_ENDIAN and pdFREERTOS_LITTLE_ENDIAN. */
+#define ipconfigBYTE_ORDER                         pdFREERTOS_LITTLE_ENDIAN
+
+/* If the network card/driver includes checksum offloading (IP/TCP/UDP checksums)
+ * then set ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM to 1 to prevent the software
+ * stack repeating the checksum calculations. */
+#define ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM     1
+
+/* Several API's will block until the result is known, or the action has been
+ * performed, for example FreeRTOS_send() and FreeRTOS_recv().  The timeouts can be
+ * set per socket, using setsockopt().  If not set, the times below will be
+ * used as defaults. */
+#define ipconfigSOCK_DEFAULT_RECEIVE_BLOCK_TIME    ( 2000 )
+#define ipconfigSOCK_DEFAULT_SEND_BLOCK_TIME       ( 5000 )
+
+/* Include support for LLMNR: Link-local Multicast Name Resolution
+ * (non-Microsoft) */
+#define ipconfigUSE_LLMNR                          ( 0 )
+
+/* Include support for NBNS: NetBIOS Name Service (Microsoft) */
+#define ipconfigUSE_NBNS                           ( 0 )
+
+/* Include support for DNS caching.  For TCP, having a small DNS cache is very
+ * useful.  When a cache is present, ipconfigDNS_REQUEST_ATTEMPTS can be kept low
+ * and also DNS may use small timeouts.  If a DNS reply comes in after the DNS
+ * socket has been destroyed, the result will be stored into the cache.  The next
+ * call to FreeRTOS_gethostbyname() will return immediately, without even creating
+ * a socket. */
+#define ipconfigUSE_DNS_CACHE                      ( 1 )
+#define ipconfigDNS_CACHE_NAME_LENGTH              ( 64 )
+#define ipconfigDNS_CACHE_ENTRIES                  ( 4 )
+#define ipconfigDNS_REQUEST_ATTEMPTS               ( 2 )
+
+/* The IP stack executes it its own task (although any application task can make
+ * use of its services through the published sockets API). ipconfigUDP_TASK_PRIORITY
+ * sets the priority of the task that executes the IP stack.  The priority is a
+ * standard FreeRTOS task priority so can take any value from 0 (the lowest
+ * priority) to (configMAX_PRIORITIES - 1) (the highest priority).
+ * configMAX_PRIORITIES is a standard FreeRTOS configuration parameter defined in
+ * FreeRTOSConfig.h, not FreeRTOSIPConfig.h. Consideration needs to be given as to
+ * the priority assigned to the task executing the IP stack relative to the
+ * priority assigned to tasks that use the IP stack. */
+#define ipconfigIP_TASK_PRIORITY                   ( configMAX_PRIORITIES - 2 )
+
+/* The size, in words (not bytes), of the stack allocated to the FreeRTOS+TCP
+ * task.  This setting is less important when the FreeRTOS Win32 simulator is used
+ * as the Win32 simulator only stores a fixed amount of information on the task
+ * stack.  FreeRTOS includes optional stack overflow detection, see:
+ * http://www.freertos.org/Stacks-and-stack-overflow-checking.html */
+#define ipconfigIP_TASK_STACK_SIZE_WORDS           ( configMINIMAL_STACK_SIZE * 5 )
+
+/* ipconfigRAND32() is called by the IP stack to generate random numbers for
+ * things such as a DHCP transaction number or initial sequence number.  Random
+ * number generation is performed via this macro to allow applications to use their
+ * own random number generation method.  For example, it might be possible to
+ * generate a random number by sampling noise on an analogue input. */
+extern UBaseType_t uxRand();
+#define ipconfigRAND32()    uxRand()
+
+/* If ipconfigUSE_NETWORK_EVENT_HOOK is set to 1 then FreeRTOS+TCP will call the
+ * network event hook at the appropriate times.  If ipconfigUSE_NETWORK_EVENT_HOOK
+ * is not set to 1 then the network event hook will never be called.  See
+ * http://www.FreeRTOS.org/FreeRTOS-Plus/FreeRTOS_Plus_UDP/API/vApplicationIPNetworkEventHook.shtml
+ */
+#define ipconfigUSE_NETWORK_EVENT_HOOK                        1
+
+/* Sockets have a send block time attribute.  If FreeRTOS_sendto() is called but
+ * a network buffer cannot be obtained then the calling task is held in the Blocked
+ * state (so other tasks can continue to executed) until either a network buffer
+ * becomes available or the send block time expires.  If the send block time expires
+ * then the send operation is aborted.  The maximum allowable send block time is
+ * capped to the value set by ipconfigMAX_SEND_BLOCK_TIME_TICKS.  Capping the
+ * maximum allowable send block time prevents prevents a deadlock occurring when
+ * all the network buffers are in use and the tasks that process (and subsequently
+ * free) the network buffers are themselves blocked waiting for a network buffer.
+ * ipconfigMAX_SEND_BLOCK_TIME_TICKS is specified in RTOS ticks.  A time in
+ * milliseconds can be converted to a time in ticks by dividing the time in
+ * milliseconds by portTICK_PERIOD_MS. */
+#define ipconfigUDP_MAX_SEND_BLOCK_TIME_TICKS                 ( 5000 / portTICK_PERIOD_MS )
+
+/* If ipconfigUSE_DHCP is 1 then FreeRTOS+TCP will attempt to retrieve an IP
+ * address, netmask, DNS server address and gateway address from a DHCP server.  If
+ * ipconfigUSE_DHCP is 0 then FreeRTOS+TCP will use a static IP address.  The
+ * stack will revert to using the static IP address even when ipconfigUSE_DHCP is
+ * set to 1 if a valid configuration cannot be obtained from a DHCP server for any
+ * reason.  The static configuration used is that passed into the stack by the
+ * FreeRTOS_IPInit() function call. */
+#define ipconfigUSE_DHCP                                      1
+
+/* When ipconfigUSE_DHCP is set to 1, DHCP requests will be sent out at
+ * increasing time intervals until either a reply is received from a DHCP server
+ * and accepted, or the interval between transmissions reaches
+ * ipconfigMAXIMUM_DISCOVER_TX_PERIOD.  The IP stack will revert to using the
+ * static IP address passed as a parameter to FreeRTOS_IPInit() if the
+ * re-transmission time interval reaches ipconfigMAXIMUM_DISCOVER_TX_PERIOD without
+ * a DHCP reply being received. */
+#define ipconfigMAXIMUM_DISCOVER_TX_PERIOD                    ( 120000 / portTICK_PERIOD_MS )
+
+/* The ARP cache is a table that maps IP addresses to MAC addresses.  The IP
+ * stack can only send a UDP message to a remove IP address if it knowns the MAC
+ * address associated with the IP address, or the MAC address of the router used to
+ * contact the remote IP address.  When a UDP message is received from a remote IP
+ * address the MAC address and IP address are added to the ARP cache.  When a UDP
+ * message is sent to a remote IP address that does not already appear in the ARP
+ * cache then the UDP message is replaced by a ARP message that solicits the
+ * required MAC address information.  ipconfigARP_CACHE_ENTRIES defines the maximum
+ * number of entries that can exist in the ARP table at any one time. */
+#define ipconfigARP_CACHE_ENTRIES                             6
+
+/* ARP requests that do not result in an ARP response will be re-transmitted a
+ * maximum of ipconfigMAX_ARP_RETRANSMISSIONS times before the ARP request is
+ * aborted. */
+#define ipconfigMAX_ARP_RETRANSMISSIONS                       ( 5 )
+
+/* ipconfigMAX_ARP_AGE defines the maximum time between an entry in the ARP
+ * table being created or refreshed and the entry being removed because it is stale.
+ * New ARP requests are sent for ARP cache entries that are nearing their maximum
+ * age.  ipconfigMAX_ARP_AGE is specified in tens of seconds, so a value of 150 is
+ * equal to 1500 seconds (or 25 minutes). */
+#define ipconfigMAX_ARP_AGE                                   150
+
+/* Implementing FreeRTOS_inet_addr() necessitates the use of string handling
+ * routines, which are relatively large.  To save code space the full
+ * FreeRTOS_inet_addr() implementation is made optional, and a smaller and faster
+ * alternative called FreeRTOS_inet_addr_quick() is provided.  FreeRTOS_inet_addr()
+ * takes an IP in decimal dot format (for example, "192.168.0.1") as its parameter.
+ * FreeRTOS_inet_addr_quick() takes an IP address as four separate numerical octets
+ * (for example, 192, 168, 0, 1) as its parameters.  If
+ * ipconfigINCLUDE_FULL_INET_ADDR is set to 1 then both FreeRTOS_inet_addr() and
+ * FreeRTOS_indet_addr_quick() are available.  If ipconfigINCLUDE_FULL_INET_ADDR is
+ * not set to 1 then only FreeRTOS_indet_addr_quick() is available. */
+#define ipconfigINCLUDE_FULL_INET_ADDR                        1
+
+/* ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS defines the total number of network buffer that
+ * are available to the IP stack.  The total number of network buffers is limited
+ * to ensure the total amount of RAM that can be consumed by the IP stack is capped
+ * to a pre-determinable value. */
+#define ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS                60
+
+/* A FreeRTOS queue is used to send events from application tasks to the IP
+ * stack.  ipconfigEVENT_QUEUE_LENGTH sets the maximum number of events that can
+ * be queued for processing at any one time.  The event queue must be a minimum of
+ * 5 greater than the total number of network buffers. */
+#define ipconfigEVENT_QUEUE_LENGTH                            ( ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS + 5 )
+
+/* The address of a socket is the combination of its IP address and its port
+ * number.  FreeRTOS_bind() is used to manually allocate a port number to a socket
+ * (to 'bind' the socket to a port), but manual binding is not normally necessary
+ * for client sockets (those sockets that initiate outgoing connections rather than
+ * wait for incoming connections on a known port number).  If
+ * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 1 then calling
+ * FreeRTOS_sendto() on a socket that has not yet been bound will result in the IP
+ * stack automatically binding the socket to a port number from the range
+ * socketAUTO_PORT_ALLOCATION_START_NUMBER to 0xffff.  If
+ * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 0 then calling FreeRTOS_sendto()
+ * on a socket that has not yet been bound will result in the send operation being
+ * aborted. */
+#define ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND                1
+
+/* Defines the Time To Live (TTL) values used in outgoing UDP packets. */
+#define ipconfigUDP_TIME_TO_LIVE                              128
+#define ipconfigTCP_TIME_TO_LIVE                              128 /* also defined in FreeRTOSIPConfigDefaults.h */
+
+/* USE_TCP: Use TCP and all its features */
+#define ipconfigUSE_TCP                                       ( 1 )
+
+/* Use the TCP socket wake context with a callback. */
+#define ipconfigSOCKET_HAS_USER_WAKE_CALLBACK_WITH_CONTEXT    ( 1 )
+
+/* USE_WIN: Let TCP use windowing mechanism. */
+#define ipconfigUSE_TCP_WIN                                   ( 1 )
+
+/* The MTU is the maximum number of bytes the payload of a network frame can
+ * contain.  For normal Ethernet V2 frames the maximum MTU is 1500.  Setting a
+ * lower value can save RAM, depending on the buffer management scheme used.  If
+ * ipconfigCAN_FRAGMENT_OUTGOING_PACKETS is 1 then (ipconfigNETWORK_MTU - 28) must
+ * be divisible by 8. */
+#define ipconfigNETWORK_MTU                                   1200
+
+/* Set ipconfigUSE_DNS to 1 to include a basic DNS client/resolver.  DNS is used
+ * through the FreeRTOS_gethostbyname() API function. */
+#define ipconfigUSE_DNS                                       1
+
+/* If ipconfigREPLY_TO_INCOMING_PINGS is set to 1 then the IP stack will
+ * generate replies to incoming ICMP echo (ping) requests. */
+#define ipconfigREPLY_TO_INCOMING_PINGS                       1
+
+/* If ipconfigSUPPORT_OUTGOING_PINGS is set to 1 then the
+ * FreeRTOS_SendPingRequest() API function is available. */
+#define ipconfigSUPPORT_OUTGOING_PINGS                        0
+
+/* If ipconfigSUPPORT_SELECT_FUNCTION is set to 1 then the FreeRTOS_select()
+ * (and associated) API function is available. */
+#define ipconfigSUPPORT_SELECT_FUNCTION                       1
+
+/* If ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES is set to 1 then Ethernet frames
+ * that are not in Ethernet II format will be dropped.  This option is included for
+ * potential future IP stack developments. */
+#define ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES             1
+
+/* If ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES is set to 1 then it is the
+ * responsibility of the Ethernet interface to filter out packets that are of no
+ * interest.  If the Ethernet interface does not implement this functionality, then
+ * set ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES to 0 to have the IP stack
+ * perform the filtering instead (it is much less efficient for the stack to do it
+ * because the packet will already have been passed into the stack).  If the
+ * Ethernet driver does all the necessary filtering in hardware then software
+ * filtering can be removed by using a value other than 1 or 0. */
+#define ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES           1
+
+/* The windows simulator cannot really simulate MAC interrupts, and needs to
+ * block occasionally to allow other tasks to run. */
+#define configWINDOWS_MAC_INTERRUPT_SIMULATOR_DELAY           ( 20 / portTICK_PERIOD_MS )
+
+/* Advanced only: in order to access 32-bit fields in the IP packets with
+ * 32-bit memory instructions, all packets will be stored 32-bit-aligned, plus 16-bits.
+ * This has to do with the contents of the IP-packets: all 32-bit fields are
+ * 32-bit-aligned, plus 16-bit(!) */
+#define ipconfigPACKET_FILLER_SIZE                            2
+
+/* Define the size of the pool of TCP window descriptors.  On the average, each
+ * TCP socket will use up to 2 x 6 descriptors, meaning that it can have 2 x 6
+ * outstanding packets (for Rx and Tx).  When using up to 10 TP sockets
+ * simultaneously, one could define TCP_WIN_SEG_COUNT as 120. */
+#define ipconfigTCP_WIN_SEG_COUNT                             240
+
+/* Each TCP socket has a circular buffers for Rx and Tx, which have a fixed
+ * maximum size.  Define the size of Rx buffer for TCP sockets. */
+#define ipconfigTCP_RX_BUFFER_LENGTH                          ( 5000 )
+
+/* Define the size of Tx buffer for TCP sockets. */
+#define ipconfigTCP_TX_BUFFER_LENGTH                          ( 1000 )
+
+/* When using call-back handlers, the driver may check if the handler points to
+ * real program memory (RAM or flash) or just has a random non-zero value. */
+#define ipconfigIS_VALID_PROG_ADDRESS( x )    ( ( x ) != NULL )
+
+/* Include support for TCP hang protection.  All sockets in a connecting or
+ * disconnecting stage will timeout after a period of non-activity. */
+#define ipconfigTCP_HANG_PROTECTION         ( 1 )
+#define ipconfigTCP_HANG_PROTECTION_TIME    ( 30 )
+
+/* Include support for TCP keep-alive messages. */
+#define ipconfigTCP_KEEP_ALIVE              ( 1 )
+#define ipconfigTCP_KEEP_ALIVE_INTERVAL     ( 20 ) /* in seconds */
+
+#define portINLINE                          __inline
+
+#endif /* FREERTOS_IP_CONFIG_H */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj
new file mode 100644
index 000000000..d4d236e56
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj
@@ -0,0 +1,650 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{C686325E-3261-42F7-AEB1-DDE5280E1CEB}</ProjectGuid>
+    <ProjectName>RTOSDemo</ProjectName>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseOfMfc>false</UseOfMfc>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v142</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseOfMfc>false</UseOfMfc>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v142</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+    <Import Project="$(VCTargetsPath)Microsoft.CPP.UpgradeFromVC60.props" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+    <Import Project="$(VCTargetsPath)Microsoft.CPP.UpgradeFromVC60.props" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.30319.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">.\Debug\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">.\Debug\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">.\Release\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">.\Release\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
+    <CodeAnalysisRuleSet Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">AllRules.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Midl>
+      <TypeLibraryName>.\Debug/WIN32.tlb</TypeLibraryName>
+      <HeaderFileName>
+      </HeaderFileName>
+    </Midl>
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <AdditionalIncludeDirectories>..\..\..\..\..\Source\FreeRTOS-Plus-Trace\Include;..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include;..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\BufferManagement;..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\Compiler\MSVC;..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging;..\..\..\Common\WinPCap;..\..\..\..\..\FreeRTOS\Source\include;..\..\..\..\..\FreeRTOS\Source\portable\MSVC-MingW;..\..\..\..\Source\Application-Protocols\coreMQTT\source\include;..\..\..\..\Source\Application-Protocols\coreMQTT\source\interface;..\..\..\..\Source\Utilities\backoff_algorithm\source\include;..\..\..\..\Source\Application-Protocols\network_transport\freertos_plus_tcp;..\..\..\..\Source\Application-Protocols\network_transport\freertos_plus_tcp\using_mbedtls;..\..\..\..\Source\Utilities\mbedtls_freertos;..\..\..\..\ThirdParty\mbedtls\include;..\..\..\..\Source\AWS\fleet-provisioning\source\include;..\..\..\..\Source\coreJSON\source\include;..\..\Mqtt_Demo_Helpers;..\..\..\..\Source\FreeRTOS-Plus-TCP\tools\tcp_utilities\include;.;..\..\..\..\ThirdParty\tinycbor\src;..\..\..\..\Source\corePKCS11\source\include;..\..\..\..\Source\corePKCS11\source\;..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\pkcs11;..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\mbedtls_utils;..\..\..\..\Source\Application-Protocols\network_transport\using_mbedtls_pkcs11;..\..\..\..\Source\corePKCS11\source\portable\os;..\..\..\..\ThirdParty\mbedtls\library;..\..\..\..\Source\Application-Protocols\network_transport\sockets_wrapper\freertos_plus_tcp;..\..\..\..\ThirdParty\mbedtls\include\mbedtls;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PreprocessorDefinitions>MBEDTLS_CONFIG_FILE="mbedtls_config.h";WIN32;_DEBUG;_CONSOLE;_WIN32_WINNT=0x0500;WINVER=0x400;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>false</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeaderOutputFile>.\Debug/WIN32.pch</PrecompiledHeaderOutputFile>
+      <AssemblerListingLocation>.\Debug/</AssemblerListingLocation>
+      <ObjectFileName>.\Debug/</ObjectFileName>
+      <ProgramDataBaseFileName>.\Debug/</ProgramDataBaseFileName>
+      <WarningLevel>Level4</WarningLevel>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <DisableLanguageExtensions>false</DisableLanguageExtensions>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalOptions>/wd4210 /wd4127 /wd4214 /wd4201 /wd4244  /wd4310 /wd4200 %(AdditionalOptions)</AdditionalOptions>
+      <BrowseInformation>true</BrowseInformation>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <ExceptionHandling>false</ExceptionHandling>
+      <CompileAs>CompileAsC</CompileAs>
+    </ClCompile>
+    <ResourceCompile>
+      <PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <Culture>0x0c09</Culture>
+    </ResourceCompile>
+    <Link>
+      <OutputFile>.\Debug/RTOSDemo.exe</OutputFile>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>.\Debug/WIN32.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+      <AdditionalDependencies>wpcap.lib;Bcrypt.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>..\..\..\Common\WinPCap</AdditionalLibraryDirectories>
+      <Profile>false</Profile>
+      <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
+    </Link>
+    <Bscmake>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <OutputFile>.\Debug/WIN32.bsc</OutputFile>
+    </Bscmake>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Midl>
+      <TypeLibraryName>.\Release/WIN32.tlb</TypeLibraryName>
+      <HeaderFileName>
+      </HeaderFileName>
+    </Midl>
+    <ClCompile>
+      <Optimization>MaxSpeed</Optimization>
+      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
+      <PreprocessorDefinitions>_WINSOCKAPI_;WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <StringPooling>true</StringPooling>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <PrecompiledHeaderOutputFile>.\Release/WIN32.pch</PrecompiledHeaderOutputFile>
+      <AssemblerListingLocation>.\Release/</AssemblerListingLocation>
+      <ObjectFileName>.\Release/</ObjectFileName>
+      <ProgramDataBaseFileName>.\Release/</ProgramDataBaseFileName>
+      <WarningLevel>Level3</WarningLevel>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <AdditionalIncludeDirectories>..\Common\Utils;..\Common\ethernet\lwip-1.4.0\ports\win32\WinPCap;..\Common\ethernet\lwip-1.4.0\src\include\ipv4;..\Common\ethernet\lwip-1.4.0\src\include;..\..\..\..\Source\include;..\..\..\..\Source\portable\MSVC-MingW;..\Common\ethernet\lwip-1.4.0\ports\win32\include;..\Common\Include;.\lwIP_Apps;.;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <ResourceCompile>
+      <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <Culture>0x0c09</Culture>
+    </ResourceCompile>
+    <Link>
+      <OutputFile>.\Release/RTOSDemo.exe</OutputFile>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <ProgramDatabaseFile>.\Release/WIN32.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+      <AdditionalLibraryDirectories>..\Common\ethernet\lwip-1.4.0\ports\win32\WinPCap</AdditionalLibraryDirectories>
+      <AdditionalDependencies>wpcap.lib;Bcrypt.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+    <Bscmake>
+      <SuppressStartupBanner>true</SuppressStartupBanner>
+      <OutputFile>.\Release/WIN32.bsc</OutputFile>
+    </Bscmake>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\event_groups.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\list.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\portable\MemMang\heap_4.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\portable\MSVC-MingW\port.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\queue.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\stream_buffer.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\tasks.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\timers.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_ARP.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_DHCP.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_DNS.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_IP.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_Sockets.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_Stream_Buffer.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_TCP_IP.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_TCP_WIN.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_UDP_IP.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\BufferManagement\BufferAllocation_2.c" />
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\NetworkInterface\WinPCap\NetworkInterface.c" />
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\sockets_wrapper\freertos_plus_tcp\sockets_wrapper.c" />
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\using_mbedtls_pkcs11\using_mbedtls_pkcs11.c" />
+    <ClCompile Include="..\..\..\..\Source\AWS\fleet-provisioning\source\fleet_provisioning.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\core_pkcs11.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\core_pki_utils.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\mbedtls_utils\mbedtls_utils.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\mbedtls\core_pkcs11_mbedtls.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\os\core_pkcs11_pal_utils.c" />
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\os\freertos_winsim\core_pkcs11_pal.c" />
+    <ClCompile Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\tools\tcp_utilities\tcp_netstat.c" />
+    <ClCompile Include="..\..\..\..\Source\Utilities\mbedtls_freertos\mbedtls_bio_freertos_plus_tcp.c" />
+    <ClCompile Include="..\..\..\..\Source\Utilities\mbedtls_freertos\mbedtls_freertos_port.c" />
+    <ClCompile Include="..\..\..\..\Source\Utilities\backoff_algorithm\source\backoff_algorithm.c" />
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_serializer.c" />
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_state.c" />
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt.c" />
+    <ClCompile Include="..\..\..\..\Source\coreJSON\source\core_json.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aes.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aesni.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\arc4.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aria.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\asn1parse.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\asn1write.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\base64.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\bignum.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\blowfish.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\camellia.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ccm.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\certs.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\chacha20.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\chachapoly.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cipher.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cipher_wrap.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cmac.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ctr_drbg.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\debug.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\des.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\dhm.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecdh.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecdsa.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecjpake.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecp.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecp_curves.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\entropy.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\entropy_poll.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\error.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\gcm.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\havege.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\hkdf.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\hmac_drbg.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md2.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md4.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md5.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\memory_buffer_alloc.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\net_sockets.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\nist_kw.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\oid.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\padlock.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pem.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pk.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs11.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs12.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs5.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkparse.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkwrite.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pk_wrap.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\platform.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\platform_util.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\poly1305.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ripemd160.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\rsa.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\rsa_internal.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha1.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha256.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha512.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cache.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_ciphersuites.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cli.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cookie.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_msg.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_srv.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_ticket.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_tls.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\threading.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\timing.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\version.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\version_features.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509write_crt.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509write_csr.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_create.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_crl.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_crt.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_csr.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\xtea.c">
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">TurnOffAllWarnings</WarningLevel>
+      <WarningLevel Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">TurnOffAllWarnings</WarningLevel>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Demo\Common\Logging\windows\Logging_WinSim.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder_close_container_checked.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder_float.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborerrorstrings.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser_dup_string.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser_float.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborpretty.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborpretty_stdio.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborvalidation.c" />
+    <ClCompile Include="DemoTasks\FleetProvisioningDemoExample.c" />
+    <ClCompile Include="tinycbor_serializer.c" />
+    <ClCompile Include="main.c" />
+    <ClCompile Include="mqtt_operations.c" />
+    <ClCompile Include="pkcs11_operations.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\event_groups.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\FreeRTOS.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\portable.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\projdefs.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\queue.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\semphr.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\task.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\timers.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\portable\MSVC-MingW\portmacro.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOSIPConfigDefaults.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_ARP.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_DHCP.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_DNS.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_IP.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_IP_Private.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_Sockets.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_Stream_Buffer.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_TCP_IP.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_TCP_WIN.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_UDP_IP.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\IPTraceMacroDefaults.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\NetworkBufferManagement.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\NetworkInterface.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging_levels.h" />
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging_stack.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_config_defaults.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\sockets_wrapper\freertos_plus_tcp\sockets_wrapper.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\using_mbedtls_pkcs11\using_mbedtls_pkcs11.h" />
+    <ClInclude Include="..\..\..\..\Source\AWS\fleet-provisioning\source\include\fleet_provisioning.h" />
+    <ClInclude Include="..\..\..\..\Source\AWS\fleet-provisioning\source\include\fleet_provisioning_config_defaults.h" />
+    <ClInclude Include="..\..\..\..\Source\coreJSON\source\include\core_json.h" />
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\mbedtls_utils\mbedtls_utils.h" />
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\include\core_pkcs11.h" />
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\include\core_pki_utils.h" />
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\portable\os\core_pkcs11_pal_utils.h" />
+    <ClInclude Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_errno_TCP.h" />
+    <ClInclude Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\tools\tcp_utilities\include\tcp_netstat.h" />
+    <ClInclude Include="..\..\..\..\Source\Utilities\mbedtls_freertos\threading_alt.h" />
+    <ClInclude Include="..\..\..\..\Source\Utilities\backoff_algorithm\source\include\backoff_algorithm.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\interface\transport_interface.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_serializer.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_state.h" />
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aes.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aesni.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\arc4.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aria.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\asn1.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\asn1write.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\base64.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\bignum.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\blowfish.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\bn_mul.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\camellia.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ccm.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\certs.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\chacha20.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\chachapoly.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\check_config.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cipher.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cipher_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cmac.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\compat-1.3.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\config.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ctr_drbg.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\debug.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\des.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\dhm.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecdh.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecdsa.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecjpake.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecp.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecp_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\entropy.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\entropy_poll.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\gcm.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\havege.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\hkdf.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\hmac_drbg.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md2.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md4.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md5.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\memory_buffer_alloc.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\net.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\net_sockets.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\nist_kw.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\oid.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\padlock.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pem.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pk.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs11.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs12.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs5.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pk_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform_time.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform_util.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\poly1305.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\psa_util.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ripemd160.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\rsa.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\rsa_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha1.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha256.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha512.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_cache.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_ciphersuites.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_cookie.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_internal.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_ticket.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\threading.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\timing.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\version.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509_crl.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509_crt.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\xtea.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cbor.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cborinternal_p.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cborjson.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\compilersupport_p.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\tinycbor-version.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\utf8_p.h" />
+    <ClInclude Include="core_pkcs11_config.h" />
+    <ClInclude Include="fleet_provisioning_config.h" />
+    <ClInclude Include="tinycbor_serializer.h" />
+    <ClInclude Include="mbedtls_config.h" />
+    <ClInclude Include="demo_config.h" />
+    <ClInclude Include="FreeRTOSConfig.h" />
+    <ClInclude Include="FreeRTOSIPConfig.h" />
+    <ClInclude Include="core_mqtt_config.h" />
+    <ClInclude Include="mqtt_operations.h" />
+    <ClInclude Include="pkcs11_operations.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="..\..\..\..\ThirdParty\mbedtls\CMakeLists.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\..\..\..\ThirdParty\mbedtls\Makefile" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj.filters b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj.filters
new file mode 100644
index 000000000..c13a98b35
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/WIN32.vcxproj.filters
@@ -0,0 +1,920 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="FreeRTOS">
+      <UniqueIdentifier>{af3445a1-4908-4170-89ed-39345d90d30c}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS\Source">
+      <UniqueIdentifier>{f32be356-4763-4cae-9020-974a2638cb08}</UniqueIdentifier>
+      <Extensions>*.c</Extensions>
+    </Filter>
+    <Filter Include="FreeRTOS\Source\Portable">
+      <UniqueIdentifier>{88f409e6-d396-4ac5-94bd-7a99c914be46}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+">
+      <UniqueIdentifier>{e5ad4ec7-23dc-4295-8add-2acaee488f5a}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS\Source\include">
+      <UniqueIdentifier>{d2dcd641-8d91-492b-852f-5563ffadaec6}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS+TCP">
+      <UniqueIdentifier>{8672fa26-b119-481f-8b8d-086419c01a3e}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS+TCP\portable">
+      <UniqueIdentifier>{4570be11-ec96-4b55-ac58-24b50ada980a}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS+TCP\include">
+      <UniqueIdentifier>{5d93ed51-023a-41ad-9243-8d230165d34b}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="DemoTasks">
+      <UniqueIdentifier>{b71e974a-9f28-4815-972b-d930ba8a34d0}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries">
+      <UniqueIdentifier>{60717407-397f-4ea5-8492-3314acdd25f0}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard">
+      <UniqueIdentifier>{8a90222f-d723-4b4e-8e6e-c57afaf7fa92}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT">
+      <UniqueIdentifier>{2d17d5e6-ed70-4e42-9693-f7a63baf4948}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT\include">
+      <UniqueIdentifier>{6ad56e6d-c330-4830-8f4b-c75b05dfa866}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform">
+      <UniqueIdentifier>{84613aa2-91dc-4e1a-a3b3-823b6d7bf0e0}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\mbedtls">
+      <UniqueIdentifier>{7bedd2e3-adbb-4c95-9632-445132b459ce}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\mbedtls\include">
+      <UniqueIdentifier>{07a14673-4d02-4780-a099-6b8c654dff91}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\mbedtls\library">
+      <UniqueIdentifier>{e875c5e3-40a2-4408-941e-5e1a951cc663}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\mbedtls">
+      <UniqueIdentifier>{8a0aa896-6b3a-49b3-997e-681f0d1949ae}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\transport">
+      <UniqueIdentifier>{c5a01679-3e7a-4320-97ac-ee5b872c1650}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\transport\include">
+      <UniqueIdentifier>{c992824d-4198-46b2-8d59-5f99ab9946ab}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\transport">
+      <UniqueIdentifier>{6a35782c-bc09-42d5-a850-98bcb668a4dc}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard\coreJSON">
+      <UniqueIdentifier>{20aee693-d2dc-480e-ae21-0db2156e54ac}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\AWS">
+      <UniqueIdentifier>{0dacb84e-5cc3-4eed-8fb1-68b6e4741f77}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Config">
+      <UniqueIdentifier>{21d4cf41-bbdc-46af-8508-1193e3b6595a}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS+TCP\tcp_utilities">
+      <UniqueIdentifier>{ca4314cd-3b61-4dd8-b5ab-dbc3f1ed004e}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS+TCP\tcp_utilities\include">
+      <UniqueIdentifier>{9f1aaf81-1839-4673-b7e3-1501dd0edd02}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\backoff_algorithm">
+      <UniqueIdentifier>{fcf93295-15e2-4a84-a5e9-b3c162e9f061}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\logging">
+      <UniqueIdentifier>{40de67d3-3815-46f9-a581-c1a01dbacc92}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\platform\backoff_algorithm\include">
+      <UniqueIdentifier>{2bef4675-f45b-4988-9db3-4ddbf60406ac}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard\coreJSON\include">
+      <UniqueIdentifier>{ced49869-3746-4f73-ba8d-4513320e5e9b}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\tinycbor">
+      <UniqueIdentifier>{0e61bdbc-fd9f-476d-a236-e3610476306c}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\AWS\Fleet_Provisioning">
+      <UniqueIdentifier>{981ca12d-82cf-48db-809c-043aadfd212e}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11">
+      <UniqueIdentifier>{9c5ed328-ee41-4482-a7ee-eef8aab4b9bc}</UniqueIdentifier>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\portable\MSVC-MingW\port.c">
+      <Filter>FreeRTOS\Source\Portable</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\timers.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\list.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\queue.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\tasks.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_UDP_IP.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_DHCP.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_DNS.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_Sockets.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\BufferManagement\BufferAllocation_2.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\portable</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\portable\NetworkInterface\WinPCap\NetworkInterface.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\portable</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_ARP.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_IP.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_TCP_IP.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_TCP_WIN.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\event_groups.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\portable\MemMang\heap_4.c">
+      <Filter>FreeRTOS\Source\Portable</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\FreeRTOS_Stream_Buffer.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS\Source\stream_buffer.c">
+      <Filter>FreeRTOS\Source</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Utilities\mbedtls_freertos\mbedtls_freertos_port.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\mbedtls</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Utilities\backoff_algorithm\source\backoff_algorithm.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\backoff_algorithm</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aes.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aesni.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\arc4.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\aria.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\asn1parse.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\asn1write.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\base64.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\bignum.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\blowfish.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\camellia.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ccm.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\certs.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\chacha20.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\chachapoly.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cipher.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cipher_wrap.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ctr_drbg.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\debug.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\des.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\dhm.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecdh.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecdsa.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecjpake.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecp.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ecp_curves.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\entropy.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\entropy_poll.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\gcm.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\havege.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\hkdf.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\hmac_drbg.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md2.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md4.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\md5.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\memory_buffer_alloc.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\net_sockets.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\nist_kw.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\oid.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\padlock.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pem.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pk.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs11.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs12.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkcs5.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkparse.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pkwrite.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\pk_wrap.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\platform.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\platform_util.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\poly1305.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ripemd160.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\rsa.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\rsa_internal.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha1.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha256.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\sha512.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cache.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_ciphersuites.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cli.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_cookie.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_msg.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_srv.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_ticket.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\ssl_tls.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\threading.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\timing.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\version.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\version_features.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_create.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_crl.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_crt.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509_csr.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\xtea.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\coreJSON\source\core_json.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreJSON</Filter>
+    </ClCompile>
+    <ClCompile Include="main.c" />
+    <ClCompile Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\tools\tcp_utilities\tcp_netstat.c">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\tcp_utilities</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_serializer.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_state.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\..\FreeRTOS-Plus\Demo\Common\Logging\windows\Logging_WinSim.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\error.c" />
+    <ClCompile Include="tinycbor_serializer.c" />
+    <ClCompile Include="pkcs11_operations.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509write_crt.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\x509write_csr.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\error.c" />
+    <ClCompile Include="mqtt_operations.c" />
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder_close_container_checked.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborencoder_float.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborerrorstrings.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser_dup_string.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborparser_float.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborpretty.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborpretty_stdio.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\tinycbor\src\cborvalidation.c">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\AWS\fleet-provisioning\source\fleet_provisioning.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\AWS\Fleet_Provisioning</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\mbedtls_utils\mbedtls_utils.c">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\core_pkcs11.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\core_pki_utils.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\error.c">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\mbedtls\core_pkcs11_mbedtls.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\os\core_pkcs11_pal_utils.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\corePKCS11\source\portable\os\freertos_winsim\core_pkcs11_pal.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\ThirdParty\mbedtls\library\cmac.c">
+      <Filter>FreeRTOS+\mbedtls\library</Filter>
+    </ClCompile>
+    <ClCompile Include="DemoTasks\FleetProvisioningDemoExample.c">
+      <Filter>DemoTasks</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\using_mbedtls_pkcs11\using_mbedtls_pkcs11.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\transport</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\sockets_wrapper\freertos_plus_tcp\sockets_wrapper.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\transport</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\..\Source\Utilities\mbedtls_freertos\mbedtls_bio_freertos_plus_tcp.c">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\mbedtls</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\NetworkInterface.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_DNS.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_Sockets.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_UDP_IP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\timers.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\event_groups.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\FreeRTOS.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\queue.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\semphr.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\task.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\portable\MSVC-MingW\portmacro.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_IP_Private.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\NetworkBufferManagement.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_ARP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_DHCP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_IP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_TCP_IP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_TCP_WIN.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOSIPConfigDefaults.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\IPTraceMacroDefaults.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_Stream_Buffer.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\portable.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS\Source\include\projdefs.h">
+      <Filter>FreeRTOS\Source\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_serializer.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_state.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\interface\transport_interface.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\mbedtls</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Utilities\mbedtls_freertos\threading_alt.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\mbedtls</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aes.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aesni.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\arc4.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\aria.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\asn1.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\asn1write.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\base64.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\bignum.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\blowfish.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\bn_mul.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\camellia.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ccm.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\certs.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\chacha20.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\chachapoly.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\check_config.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cipher.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cipher_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\compat-1.3.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\config.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ctr_drbg.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\debug.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\des.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\dhm.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecdh.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecdsa.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecjpake.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecp.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ecp_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\entropy.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\entropy_poll.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\gcm.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\havege.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\hkdf.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\hmac_drbg.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md2.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md4.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md5.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\md_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\memory_buffer_alloc.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\net.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\net_sockets.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\nist_kw.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\oid.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\padlock.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pem.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pk.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs11.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs12.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pkcs5.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\pk_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform_time.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\platform_util.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\poly1305.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\psa_util.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ripemd160.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\rsa.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\rsa_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha1.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha256.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\sha512.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_cache.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_ciphersuites.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_cookie.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_internal.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\ssl_ticket.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\threading.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\timing.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\version.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509_crl.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\x509_crt.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\xtea.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="core_mqtt_config.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="demo_config.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="FreeRTOSConfig.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="FreeRTOSIPConfig.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\tools\tcp_utilities\include\tcp_netstat.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\tcp_utilities\include</Filter>
+    </ClInclude>
+    <ClInclude Include="mbedtls_config.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\logging</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging_levels.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\logging</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\..\FreeRTOS-Plus\Source\Utilities\logging\logging_stack.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\logging</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_config_defaults.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreMQTT\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Utilities\backoff_algorithm\source\include\backoff_algorithm.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\backoff_algorithm\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\FreeRTOS-Plus-TCP\include\FreeRTOS_errno_TCP.h">
+      <Filter>FreeRTOS+\FreeRTOS+TCP\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\coreJSON\source\include\core_json.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\coreJSON\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h" />
+    <ClInclude Include="tinycbor_serializer.h" />
+    <ClInclude Include="pkcs11_operations.h" />
+    <ClInclude Include="core_pkcs11_config.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="fleet_provisioning_config.h">
+      <Filter>Config</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h" />
+    <ClInclude Include="mqtt_operations.h" />
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cborinternal_p.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cborjson.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\compilersupport_p.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\tinycbor-version.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\utf8_p.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\AWS\fleet-provisioning\source\include\fleet_provisioning.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\AWS\Fleet_Provisioning</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\AWS\fleet-provisioning\source\include\fleet_provisioning_config_defaults.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\AWS\Fleet_Provisioning</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\dependency\3rdparty\mbedtls_utils\mbedtls_utils.h">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\include\core_pkcs11.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\include\core_pki_utils.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\error.h">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\tinycbor\src\cbor.h">
+      <Filter>FreeRTOS+\tinycbor</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\corePKCS11\source\portable\os\core_pkcs11_pal_utils.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\standard\corePKCS11</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\ThirdParty\mbedtls\include\mbedtls\cmac.h">
+      <Filter>FreeRTOS+\mbedtls\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\sockets_wrapper\freertos_plus_tcp\sockets_wrapper.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\transport\include</Filter>
+    </ClInclude>
+    <ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\using_mbedtls_pkcs11\using_mbedtls_pkcs11.h">
+      <Filter>FreeRTOS+\FreeRTOS IoT Libraries\platform\transport\include</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="..\..\..\..\ThirdParty\mbedtls\CMakeLists.txt">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </Text>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\..\..\..\ThirdParty\mbedtls\Makefile">
+      <Filter>FreeRTOS+\mbedtls</Filter>
+    </None>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_mqtt_config.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_mqtt_config.h
new file mode 100644
index 000000000..ce434e74f
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_mqtt_config.h
@@ -0,0 +1,95 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef CORE_MQTT_CONFIG_H
+#define CORE_MQTT_CONFIG_H
+
+/**************************************************/
+/******* DO NOT CHANGE the following order ********/
+/**************************************************/
+
+/* Include logging header files and define logging macros in the following order:
+ * 1. Include the header file "logging_levels.h".
+ * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on
+ * the logging configuration for MQTT.
+ * 3. Include the header file "logging_stack.h", if logging is enabled for MQTT.
+ */
+
+#include "logging_levels.h"
+
+/* Logging configuration for the MQTT library. */
+#ifndef LIBRARY_LOG_NAME
+    #define LIBRARY_LOG_NAME    "MQTT"
+#endif
+
+#ifndef LIBRARY_LOG_LEVEL
+    #define LIBRARY_LOG_LEVEL    LOG_WARN
+#endif
+
+/* Prototype for the function used to print to console on Windows simulator
+ * of FreeRTOS.
+ * The function prints to the console before the network is connected;
+ * then a UDP port after the network has connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+
+/* Map the SdkLog macro to the logging function to enable logging
+ * on Windows simulator. */
+#ifndef SdkLog
+    #define SdkLog( message )    vLoggingPrintf message
+#endif
+
+#include "logging_stack.h"
+/************ End of logging configuration ****************/
+
+/**
+ * @brief Determines the maximum number of MQTT PUBLISH messages, pending
+ * acknowledgement at a time, that are supported for incoming and outgoing
+ * direction of messages, separately.
+ *
+ * QoS 1 and 2 MQTT PUBLISHes require acknowledgement from the server before
+ * they can be completed. While they are awaiting the acknowledgement, the
+ * client must maintain information about their state. The value of this
+ * macro sets the limit on how many simultaneous PUBLISH states an MQTT
+ * context maintains, separately, for both incoming and outgoing direction of
+ * PUBLISHes.
+ *
+ * @note The MQTT context maintains separate state records for outgoing
+ * and incoming PUBLISHes, and thus, 2 * MQTT_STATE_ARRAY_MAX_COUNT amount
+ * of memory is statically allocated for the state records.
+ */
+#define MQTT_STATE_ARRAY_MAX_COUNT    ( 10U )
+
+/**
+ * @brief Number of milliseconds to wait for a ping response to a ping
+ * request as part of the keep-alive mechanism.
+ *
+ * If a ping response is not received before this timeout, then
+ * #MQTT_ProcessLoop will return #MQTTKeepAliveTimeout.
+ */
+#define MQTT_PINGRESP_TIMEOUT_MS      ( 5000U )
+
+#endif /* ifndef CORE_MQTT_CONFIG_H_ */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_pkcs11_config.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_pkcs11_config.h
new file mode 100644
index 000000000..b90d53411
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/core_pkcs11_config.h
@@ -0,0 +1,210 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/**
+ * @file core_pkcs11_config.h
+ * @brief PCKS#11 config options.
+ */
+
+
+#ifndef _CORE_PKCS11_CONFIG_H_
+#define _CORE_PKCS11_CONFIG_H_
+
+#include "FreeRTOS.h"
+
+/**************************************************/
+/******* DO NOT CHANGE the following order ********/
+/**************************************************/
+
+/* Include logging header files and define logging macros in the following order:
+ * 1. Include the header file "logging_levels.h".
+ * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on
+ * the logging configuration for PKCS #11.
+ * 3. Include the header file "logging_stack.h", if logging is enabled for PKCS #11.
+ */
+#include "logging_levels.h"
+
+/* Logging configuration for the PKCS #11 library. */
+#ifndef LIBRARY_LOG_NAME
+    #define LIBRARY_LOG_NAME    "PKCS11"
+#endif
+
+#ifndef LIBRARY_LOG_LEVEL
+    #define LIBRARY_LOG_LEVEL    LOG_ERROR
+#endif
+
+/* Prototype for the function used to print to console on Windows simulator
+ * of FreeRTOS.
+ * The function prints to the console before the network is connected;
+ * then a UDP port after the network has connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+
+/* Map the SdkLog macro to the logging function to enable logging
+ * on Windows simulator. */
+#ifndef SdkLog
+    #define SdkLog( message )    vLoggingPrintf message
+#endif
+
+#include "logging_stack.h"
+
+/************ End of logging configuration ****************/
+
+#include <stdlib.h>
+
+/**
+ * @brief Malloc API used by core_pkcs11.h
+ */
+#define PKCS11_MALLOC                                      pvPortMalloc
+
+/**
+ * @brief Free API used by core_pkcs11.h
+ */
+#define PKCS11_FREE                                        vPortFree
+
+/**
+ * @brief PKCS #11 default user PIN.
+ *
+ * The PKCS #11 standard specifies the presence of a user PIN. That feature is
+ * sensible for applications that have an interactive user interface and memory
+ * protections. However, since typical microcontroller applications lack one or
+ * both of those, the user PIN is assumed to be used herein for interoperability
+ * purposes only, and not as a security feature.
+ *
+ * Note: Do not cast this to a pointer! The library calls sizeof to get the length
+ * of this string.
+ */
+#define configPKCS11_DEFAULT_USER_PIN                      "0000"
+
+/**
+ * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL
+ * attribute.
+ */
+#define pkcs11configMAX_LABEL_LENGTH                       32UL
+
+/**
+ * @brief Maximum number of token objects that can be stored
+ * by the PKCS #11 module.
+ */
+#define pkcs11configMAX_NUM_OBJECTS                        6UL
+
+/**
+ * @brief Maximum number of sessions that can be stored
+ * by the PKCS #11 module.
+ */
+#define pkcs11configMAX_SESSIONS                           10UL
+
+/**
+ * @brief Set to 1 if a PAL destroy object is implemented.
+ *
+ * If set to 0, no PAL destroy object is implemented, and this functionality
+ * is implemented in the common PKCS #11 layer.
+ */
+#define pkcs11configPAL_DESTROY_SUPPORTED                  0
+
+/**
+ * @brief Set to 1 if OTA image verification via PKCS #11 module is supported.
+ *
+ * If set to 0, OTA code signing certificate is built in via
+ * aws_ota_codesigner_certificate.h.
+ */
+#define pkcs11configOTA_SUPPORTED                          1
+
+/**
+ * @brief Set to 1 if PAL supports storage for JITP certificate,
+ * code verify certificate, and trusted server root certificate.
+ *
+ * If set to 0, PAL does not support storage mechanism for these, and
+ * they are accessed via headers compiled into the code.
+ */
+#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED    0
+
+/**
+ * @brief The PKCS #11 label for device private key.
+ *
+ * Private key for connection to AWS IoT endpoint.  The corresponding
+ * public key should be registered with the AWS IoT endpoint.
+ */
+#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS       ( "Device Priv TLS Key" )
+
+/**
+ * @brief The PKCS #11 label for device public key.
+ *
+ * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.
+ */
+#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS        ( "Device Pub TLS Key" )
+
+/**
+ * @brief The PKCS #11 label for the device certificate.
+ *
+ * Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.
+ */
+#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS       ( "Device Cert" )
+
+/**
+ * @brief The PKCS #11 label for the object to be used for HMAC operations.
+ */
+#define pkcs11configLABEL_HMAC_KEY                         ( "HMAC Key" )
+
+/**
+ * @brief The PKCS #11 label for the object to be used for CMAC operations.
+ */
+#define pkcs11configLABEL_CMAC_KEY                         ( "CMAC Key" )
+
+/**
+ * @brief The PKCS #11 label for the object to be used for code verification.
+ *
+ * Used by over-the-air update code to verify an incoming signed image.
+ */
+#define pkcs11configLABEL_CODE_VERIFICATION_KEY            ( "Code Verify Key" )
+
+/**
+ * @brief The PKCS #11 label for the claim certificate for Fleet Provisioning.
+ */
+#define pkcs11configLABEL_CLAIM_CERTIFICATE                ( "Claim Cert" )
+
+/**
+ * @brief The PKCS #11 label for the claim private key for Fleet Provisioning.
+ */
+#define pkcs11configLABEL_CLAIM_PRIVATE_KEY                ( "Claim Key" )
+
+/**
+ * @brief The PKCS #11 label for Just-In-Time-Provisioning.
+ *
+ * The certificate corresponding to the issuer of the device certificate
+ * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or
+ * JITP flow.
+ */
+#define pkcs11configLABEL_JITP_CERTIFICATE                 ( "JITP Cert" )
+
+/**
+ * @brief The PKCS #11 label for the AWS Trusted Root Certificate.
+ *
+ * @see aws_default_root_certificates.h
+ */
+#define pkcs11configLABEL_ROOT_CERTIFICATE                 ( "Root Cert" )
+
+#endif /* _CORE_PKCS11_CONFIG_H_ include guard. */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/demo_config.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/demo_config.h
new file mode 100644
index 000000000..be49fcc99
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/demo_config.h
@@ -0,0 +1,211 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef DEMO_CONFIG_H
+#define DEMO_CONFIG_H
+
+/**************************************************/
+/******* DO NOT CHANGE the following order ********/
+/**************************************************/
+
+/* Include logging header files and define logging macros in the following order:
+ * 1. Include the header file "logging_levels.h".
+ * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on
+ * the logging configuration for DEMO.
+ * 3. Include the header file "logging_stack.h", if logging is enabled for DEMO.
+ */
+
+#include "logging_levels.h"
+
+/* Logging configuration for the Demo. */
+#ifndef LIBRARY_LOG_NAME
+    #define LIBRARY_LOG_NAME    "FLEET_PROVISIONING_DEMO"
+#endif
+
+#ifndef LIBRARY_LOG_LEVEL
+    #define LIBRARY_LOG_LEVEL    LOG_INFO
+#endif
+
+/* Prototype for the function used to print to console on Windows simulator
+ * of FreeRTOS.
+ * The function prints to the console before the network is connected;
+ * then a UDP port after the network has connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+
+/* Map the SdkLog macro to the logging function to enable logging
+ * on Windows simulator. */
+#ifndef SdkLog
+    #define SdkLog( message )    vLoggingPrintf message
+#endif
+
+#include "logging_stack.h"
+
+/************ End of logging configuration ****************/
+
+/**
+ * @brief The unique ID used by the demo to differentiate instances.
+ *
+ *!!! Please note a #defined constant is used for convenience of demonstration
+ *!!! only.  Production devices can use something unique to the device that can
+ *!!! be read by software, such as a production serial number, instead of a
+ *!!! hard coded constant.
+ */
+#define democonfigFP_DEMO_ID    "FPDemoID"__TIME__
+
+/**
+ * @brief The MQTT client identifier used in this example.  Each client identifier
+ * must be unique so edit as required to ensure no two clients connecting to the
+ * same broker use the same client identifier.
+ *
+ * @note Appending __TIME__ to the client id string will reduce the possibility of a
+ * client id collision in the broker. Note that the appended time is the compilation
+ * time. This client id can cause collision, if more than one instance of the same
+ * binary is used at the same time to connect to the broker.
+ */
+#ifndef democonfigCLIENT_IDENTIFIER
+    #define democonfigCLIENT_IDENTIFIER    "client"democonfigFP_DEMO_ID
+#endif
+
+/**
+ * @brief Details of the MQTT broker to connect to.
+ *
+ * This is the Claim's Rest API Endpoint for AWS IoT.
+ *
+ * @note Your AWS IoT Core endpoint can be found in the AWS IoT console under
+ * Settings/Custom Endpoint, or using the describe-endpoint API.
+ *
+ * #define democonfigMQTT_BROKER_ENDPOINT     "...insert here..."
+ */
+
+/**
+ * @brief AWS IoT MQTT broker port number.
+ *
+ * In general, port 8883 is for secured MQTT connections.
+ *
+ * @note Port 443 requires use of the ALPN TLS extension with the ALPN protocol
+ * name. When using port 8883, ALPN is not required.
+ */
+#define democonfigMQTT_BROKER_PORT    ( 8883 )
+
+/**
+ * @brief Server's root CA certificate.
+ *
+ * For AWS IoT MQTT broker, this certificate is used to identify the AWS IoT
+ * server and is publicly available. Refer to the AWS documentation available
+ * in the link below.
+ * https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs
+ *
+ * @note This certificate should be PEM-encoded.
+ *
+ * Must include the PEM header and footer:
+ * "-----BEGIN CERTIFICATE-----\n"\
+ * "...base64 data...\n"\
+ * "-----END CERTIFICATE-----\n"
+ *
+ * #define democonfigROOT_CA_PEM    "...insert here..."
+ */
+
+/**
+ * @brief Name of the provisioning template to use for the RegisterThing
+ * portion of the Fleet Provisioning workflow.
+ *
+ * For information about provisioning templates, see the following AWS documentation:
+ * https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html#fleet-provision-template
+ *
+ * The example template used for this demo is available in the
+ * example_demo_template.json file in the demo directory. In the example,
+ * replace <provisioned-thing-policy> with the policy provisioned devices
+ * should have.  The demo template uses Fn::Join to construct the Thing name by
+ * concatenating fp_demo_ and the serial number sent by the demo.
+ *
+ * @note The provisioning template MUST be created in AWS IoT before running the
+ * demo.
+ *
+ * #define democonfigPROVISIONING_TEMPLATE_NAME    "...insert here..."
+ */
+
+/**
+ * @brief Subject name to use when creating the certificate signing request (CSR)
+ * for provisioning the demo client with using the Fleet Provisioning
+ * CreateCertificateFromCsr APIs.
+ *
+ * This is passed to MbedTLS; see https://tls.mbed.org/api/x509__csr_8h.html#a954eae166b125cea2115b7db8c896e90
+ */
+#ifndef democonfigCSR_SUBJECT_NAME
+    #define democonfigCSR_SUBJECT_NAME    "CN="democonfigFP_DEMO_ID
+#endif
+
+/**
+ * @brief Set the stack size of the main demo task.
+ *
+ * In the Windows port, this stack only holds a structure. The actual
+ * stack is created by an operating system thread.
+ *
+ * @note This demo runs on WinSim and the minimal stack size is functional.
+ * However, if you are porting components of this demo to other platforms,
+ * the stack size may need to be increased to accommodate the size of the
+ * buffers used when generating new keys and certificates.
+ *
+ */
+#define democonfigDEMO_STACKSIZE            configMINIMAL_STACK_SIZE
+
+/**
+ * @brief Size of the network buffer for MQTT packets. Must be large enough to
+ * hold the GetCertificateFromCsr response, which, among other things, includes
+ * a PEM encoded certificate.
+ */
+#define democonfigNETWORK_BUFFER_SIZE       ( 2048U )
+
+/**
+ * @brief The name of the operating system that the application is running on.
+ * The current value is given as an example. Please update for your specific
+ * operating system.
+ */
+#define democonfigOS_NAME                   "FreeRTOS"
+
+/**
+ * @brief The version of the operating system that the application is running
+ * on. The current value is given as an example. Please update for your specific
+ * operating system version.
+ */
+#define democonfigOS_VERSION                tskKERNEL_VERSION_NUMBER
+
+/**
+ * @brief The name of the hardware platform the application is running on. The
+ * current value is given as an example. Please update for your specific
+ * hardware platform.
+ */
+#define democonfigHARDWARE_PLATFORM_NAME    "WinSim"
+
+/**
+ * @brief The name of the MQTT library used and its version, following an "@"
+ * symbol.
+ */
+#include "core_mqtt.h" /* Include coreMQTT header for MQTT_LIBRARY_VERSION macro. */
+#define democonfigMQTT_LIB    "core-mqtt@"MQTT_LIBRARY_VERSION
+
+#endif /* DEMO_CONFIG_H */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_claim_policy.json b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_claim_policy.json
new file mode 100644
index 000000000..637ec0362
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_claim_policy.json
@@ -0,0 +1,31 @@
+ {
+   "Version": "2012-10-17",
+   "Statement": [
+     {
+       "Effect": "Allow",
+       "Action": [
+         "iot:Connect"
+       ],
+       "Resource": "*"
+     },
+     {
+       "Effect": "Allow",
+       "Action": [
+         "iot:Publish",
+         "iot:Receive"
+       ],
+       "Resource": [
+         "arn:aws:iot:<aws-region>:<aws-account-id>:topic/$aws/certificates/create-from-csr/*",
+         "arn:aws:iot:<aws-region>:<aws-account-id>:topic/$aws/provisioning-templates/<template-name>/provision/*"
+       ]
+     },
+     {
+       "Effect": "Allow",
+       "Action": "iot:Subscribe",
+       "Resource": [
+         "arn:aws:iot:<aws-region>:<aws-account-id>:topicfilter/$aws/certificates/create-from-csr/*",
+         "arn:aws:iot:<aws-region>:<aws-account-id>:topicfilter/$aws/provisioning-templates/<template-name>/provision/*"
+       ]
+     }
+   ]
+ }
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_fleet_provisioning_template.json b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_fleet_provisioning_template.json
new file mode 100644
index 000000000..78d7fca2a
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/example_fleet_provisioning_template.json
@@ -0,0 +1,54 @@
+ {
+   "Parameters": {
+     "SerialNumber": {
+       "Type": "String"
+     },
+     "AWS::IoT::Certificate::Id": {
+       "Type": "String"
+     }
+   },
+   "Resources": {
+     "certificate": {
+       "Properties": {
+         "CertificateId": {
+           "Ref": "AWS::IoT::Certificate::Id"
+         },
+         "Status": "Active"
+       },
+       "Type": "AWS::IoT::Certificate"
+     },
+     "policy": {
+       "Properties": {
+         "PolicyName": "<provisioned-thing-policy>"
+       },
+       "Type": "AWS::IoT::Policy"
+     },
+     "thing": {
+       "OverrideSettings": {
+         "AttributePayload": "MERGE",
+         "ThingGroups": "DO_NOTHING",
+         "ThingTypeName": "REPLACE"
+       },
+       "Properties": {
+         "AttributePayload": {},
+         "ThingGroups": [],
+         "ThingName": {
+           "Fn::Join": [
+             "",
+             [
+               "fp_demo_",
+               {
+                 "Ref": "SerialNumber"
+               }
+             ]
+           ]
+         },
+         "ThingTypeName": "fp_demo_things"
+       },
+       "Type": "AWS::IoT::Thing"
+     }
+   },
+   "DeviceConfiguration": {
+       "Foo": "Bar"
+   }
+ }
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_config.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_config.h
new file mode 100644
index 000000000..edebd764d
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_config.h
@@ -0,0 +1,68 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef FLEET_PROVISIONING_CONFIG_H_
+#define FLEET_PROVISIONING_CONFIG_H_
+
+/**************************************************/
+/******* DO NOT CHANGE the following order ********/
+/**************************************************/
+
+/* Include logging header files and define logging macros in the following order:
+ * 1. Include the header file "logging_levels.h".
+ * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros.
+ * 3. Include the header file "logging_stack.h".
+ */
+
+#include "logging_levels.h"
+
+/* Logging configuration for the Fleet Provisioning library. */
+#ifndef LIBRARY_LOG_NAME
+    #define LIBRARY_LOG_NAME    "FleetProvisioning"
+#endif
+
+#ifndef LIBRARY_LOG_LEVEL
+    #define LIBRARY_LOG_LEVEL    LOG_INFO
+#endif
+
+/* Prototype for the function used to print to console on Windows simulator
+ * of FreeRTOS.
+ * The function prints to the console before the network is connected;
+ * then a UDP port after the network has connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+                            ... );
+
+/* Map the SdkLog macro to the logging function to enable logging
+ * on Windows simulator. */
+#ifndef SdkLog
+    #define SdkLog( message )    vLoggingPrintf message
+#endif
+
+#include "logging_stack.h"
+
+/************ End of logging configuration ****************/
+
+#endif /* ifndef FLEET_PROVISIONING_CONFIG_H_ */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo.sln b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo.sln
new file mode 100644
index 000000000..49642528e
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo.sln
@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.31729.503
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "RTOSDemo", "WIN32.vcxproj", "{C686325E-3261-42F7-AEB1-DDE5280E1CEB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x86 = Debug|x86
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{C686325E-3261-42F7-AEB1-DDE5280E1CEB}.Debug|x86.ActiveCfg = Debug|Win32
+		{C686325E-3261-42F7-AEB1-DDE5280E1CEB}.Debug|x86.Build.0 = Debug|Win32
+		{C686325E-3261-42F7-AEB1-DDE5280E1CEB}.Release|x86.ActiveCfg = Release|Win32
+		{C686325E-3261-42F7-AEB1-DDE5280E1CEB}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {573E92F2-7674-4EE8-A7FD-8128A495333D}
+	EndGlobalSection
+EndGlobal
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo_setup.py b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo_setup.py
new file mode 100644
index 000000000..b90b804b8
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo_setup.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+
+import argparse
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+
+KEY_OUT_NAME = "corePKCS11_Claim_Key.dat"
+CERT_OUT_NAME = "corePKCS11_Claim_Certificate.dat"
+
+
+def convert_pem_to_der(cert_file, key_file):
+    # Convert certificate from PEM to DER
+    print("Converting format to DER format...")
+    with open(key_file, "rb") as key:
+        print("Starting key PEM to DER conversion.")
+        pemkey = serialization.load_pem_private_key(key.read(), None, default_backend())
+        key_der = pemkey.private_bytes(
+            serialization.Encoding.DER,
+            serialization.PrivateFormat.TraditionalOpenSSL,
+            serialization.NoEncryption(),
+        )
+        with open(KEY_OUT_NAME, "wb") as key_out:
+            key_out.write(key_der)
+        print(
+            f"Successfully converted key PEM to DER. Output file named: {KEY_OUT_NAME}"
+        )
+
+    print("Starting certificate pem conversion.")
+    with open(cert_file, "rb") as cert:
+        cert = x509.load_pem_x509_certificate(cert.read(), default_backend())
+        with open(CERT_OUT_NAME, "wb") as cert_out:
+            cert_out.write(cert.public_bytes(serialization.Encoding.DER))
+
+        print(
+            f"Successfully converted certificate PEM to DER. Output file named: {CERT_OUT_NAME}"
+        )
+
+
+def main(args):
+    convert_pem_to_der(cert_file=args.cert_file, key_file=args.key_file)
+
+
+if __name__ == "__main__":
+    arg_parser = argparse.ArgumentParser(
+        description="This script converts passed in PEM format certificates and keys into the binary DER format."
+    )
+    arg_parser.add_argument(
+        "-c",
+        "--cert_file",
+        type=str,
+        help="Specify the name of the generated certificate file.",
+        required=True,
+    )
+    arg_parser.add_argument(
+        "-k",
+        "--key_file",
+        type=str,
+        help="Specify the name of the generated key file.",
+        required=True,
+    )
+    args = arg_parser.parse_args()
+    main(args)
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/main.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/main.c
new file mode 100644
index 000000000..4a5e4d7c8
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/main.c
@@ -0,0 +1,377 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/***
+ * See https://www.FreeRTOS.org/iot-device-defender for configuration and usage instructions.
+ ***/
+
+/* Standard includes. */
+#include <stdio.h>
+#include <time.h>
+#include <stdint.h>
+
+/* Visual studio intrinsics used so the __debugbreak() function is available
+ * should an assert get hit. */
+#include <intrin.h>
+
+/* FreeRTOS includes. */
+#include "FreeRTOS.h"
+#include "task.h"
+
+/* TCP/IP stack includes. */
+#include "FreeRTOS_IP.h"
+#include "FreeRTOS_Sockets.h"
+
+/* Demo logging includes. */
+#include "logging.h"
+
+/* Demo Specific configs. */
+#include "demo_config.h"
+
+
+/*
+ * Prototypes for the demos that can be started from this project.  Note the
+ * Fleet Provisioning demo is not actually started until the network is already, which is
+ * indicated by vApplicationIPNetworkEventHook() executing - hence
+ * vStartFleetProvisioningDemo() is called from inside vApplicationIPNetworkEventHook().
+ */
+extern void vStartFleetProvisioningDemo( void );
+
+/*
+ * Just seeds the simple pseudo random number generator.
+ *
+ * !!! NOTE !!!
+ * This is not a secure method of generating random numbers and production
+ * devices should use a true random number generator (TRNG).
+ */
+static void prvSRand( UBaseType_t ulSeed );
+
+/*
+ * Miscellaneous initialization including preparing the logging and seeding the
+ * random number generator.
+ */
+static void prvMiscInitialisation( void );
+
+/* The default IP and MAC address used by the demo.  The address configuration
+ * defined here will be used if ipconfigUSE_DHCP is 0, or if ipconfigUSE_DHCP is
+ * 1 but a DHCP server could not be contacted.  See the online documentation for
+ * more information. */
+static const uint8_t ucIPAddress[ 4 ] = { configIP_ADDR0, configIP_ADDR1, configIP_ADDR2, configIP_ADDR3 };
+static const uint8_t ucNetMask[ 4 ] = { configNET_MASK0, configNET_MASK1, configNET_MASK2, configNET_MASK3 };
+static const uint8_t ucGatewayAddress[ 4 ] = { configGATEWAY_ADDR0, configGATEWAY_ADDR1, configGATEWAY_ADDR2, configGATEWAY_ADDR3 };
+static const uint8_t ucDNSServerAddress[ 4 ] = { configDNS_SERVER_ADDR0, configDNS_SERVER_ADDR1, configDNS_SERVER_ADDR2, configDNS_SERVER_ADDR3 };
+
+/* Set the following constant to pdTRUE to log using the method indicated by the
+ * name of the constant, or pdFALSE to not log using the method indicated by the
+ * name of the constant.  Options include to standard out (xLogToStdout), to a disk
+ * file (xLogToFile), and to a UDP port (xLogToUDP).  If xLogToUDP is set to pdTRUE
+ * then UDP messages are sent to the IP address configured as the UDP logging server
+ * address (see the configUDP_LOGGING_ADDR0 definitions in FreeRTOSConfig.h) and
+ * the port number set by configPRINT_PORT in FreeRTOSConfig.h. */
+const BaseType_t xLogToStdout = pdTRUE, xLogToFile = pdFALSE, xLogToUDP = pdFALSE;
+
+/* Default MAC address configuration.  The demo creates a virtual network
+ * connection that uses this MAC address by accessing the raw Ethernet data
+ * to and from a real network connection on the host PC.  See the
+ * configNETWORK_INTERFACE_TO_USE definition for information on how to configure
+ * the real network connection to use. */
+const uint8_t ucMACAddress[ 6 ] = { configMAC_ADDR0, configMAC_ADDR1, configMAC_ADDR2, configMAC_ADDR3, configMAC_ADDR4, configMAC_ADDR5 };
+
+/* Used by the pseudo random number generator. */
+static UBaseType_t ulNextRand;
+/*-----------------------------------------------------------*/
+
+int main( void )
+{
+    /* Miscellaneous initialization including preparing the logging and seeding
+     * the random number generator. */
+    prvMiscInitialisation();
+
+    /* Initialize the network interface.
+     *
+     ***NOTE*** Tasks that use the network are created in the network event hook
+     * when the network is connected and ready for use (see the implementation of
+     * vApplicationIPNetworkEventHook() below).  The address values passed in here
+     * are used if ipconfigUSE_DHCP is set to 0, or if ipconfigUSE_DHCP is set to 1
+     * but a DHCP server cannot be contacted. */
+    FreeRTOS_IPInit( ucIPAddress, ucNetMask, ucGatewayAddress, ucDNSServerAddress, ucMACAddress );
+
+    /* Start the RTOS scheduler. */
+    vTaskStartScheduler();
+
+    /* If all is well, the scheduler will now be running, and the following
+     * line will never be reached.  If the following line does execute, then
+     * there was insufficient FreeRTOS heap memory available for the idle and/or
+     * timer tasks to be created.  See the memory management section on the
+     * FreeRTOS web site for more details (this is standard text that is not
+     * really applicable to the Win32 simulator port). */
+    for( ; ; )
+    {
+        __debugbreak();
+    }
+}
+/*-----------------------------------------------------------*/
+
+/* Called by FreeRTOS+TCP when the network connects or disconnects.  Disconnect
+ * events are only received if implemented in the MAC driver. */
+void vApplicationIPNetworkEventHook( eIPCallbackEvent_t eNetworkEvent )
+{
+    uint32_t ulIPAddress, ulNetMask, ulGatewayAddress, ulDNSServerAddress;
+    char cBuffer[ 16 ];
+    static BaseType_t xTasksAlreadyCreated = pdFALSE;
+
+    /* If the network has just come up...*/
+    if( eNetworkEvent == eNetworkUp )
+    {
+        /* Create the tasks that use the IP stack if they have not already been
+         * created. */
+        if( xTasksAlreadyCreated == pdFALSE )
+        {
+            /* Demos that use the network are created after the network is
+             * up. */
+            LogInfo( ( "---------STARTING DEMO---------\r\n" ) );
+            vStartFleetProvisioningDemo();
+            xTasksAlreadyCreated = pdTRUE;
+        }
+
+        /* Print out the network configuration, which may have come from a DHCP
+         * server. */
+        FreeRTOS_GetAddressConfiguration( &ulIPAddress, &ulNetMask, &ulGatewayAddress, &ulDNSServerAddress );
+        FreeRTOS_inet_ntoa( ulIPAddress, cBuffer );
+        LogInfo( ( "\r\n\r\nIP Address: %s\r\n", cBuffer ) );
+
+        FreeRTOS_inet_ntoa( ulNetMask, cBuffer );
+        LogInfo( ( "Subnet Mask: %s\r\n", cBuffer ) );
+
+        FreeRTOS_inet_ntoa( ulGatewayAddress, cBuffer );
+        LogInfo( ( "Gateway Address: %s\r\n", cBuffer ) );
+
+        FreeRTOS_inet_ntoa( ulDNSServerAddress, cBuffer );
+        LogInfo( ( "DNS Server Address: %s\r\n\r\n\r\n", cBuffer ) );
+    }
+}
+/*-----------------------------------------------------------*/
+
+void vAssertCalled( const char * pcFile,
+                    uint32_t ulLine )
+{
+    volatile uint32_t ulBlockVariable = 0UL;
+    volatile char * pcFileName = ( volatile char * ) pcFile;
+    volatile uint32_t ulLineNumber = ulLine;
+
+    ( void ) pcFileName;
+    ( void ) ulLineNumber;
+
+    printf( "vAssertCalled( %s, %u\n", pcFile, ulLine );
+
+    /* Setting ulBlockVariable to a non-zero value in the debugger will allow
+     * this function to be exited. */
+    taskDISABLE_INTERRUPTS();
+    {
+        while( ulBlockVariable == 0UL )
+        {
+            __debugbreak();
+        }
+    }
+    taskENABLE_INTERRUPTS();
+}
+/*-----------------------------------------------------------*/
+
+UBaseType_t uxRand( void )
+{
+    const uint32_t ulMultiplier = 0x015a4e35UL, ulIncrement = 1UL;
+
+    /*
+     * Utility function to generate a pseudo random number.
+     *
+     * !!!NOTE!!!
+     * This is not a secure method of generating a random number.  Production
+     * devices should use a True Random Number Generator (TRNG).
+     */
+    ulNextRand = ( ulMultiplier * ulNextRand ) + ulIncrement;
+    return( ( int ) ( ulNextRand >> 16UL ) & 0x7fffUL );
+}
+/*-----------------------------------------------------------*/
+
+static void prvSRand( UBaseType_t ulSeed )
+{
+    /* Utility function to seed the pseudo random number generator. */
+    ulNextRand = ulSeed;
+}
+/*-----------------------------------------------------------*/
+
+static void prvMiscInitialisation( void )
+{
+    time_t xTimeNow;
+    uint32_t ulLoggingIPAddress;
+
+    ulLoggingIPAddress = FreeRTOS_inet_addr_quick( configUDP_LOGGING_ADDR0, configUDP_LOGGING_ADDR1, configUDP_LOGGING_ADDR2, configUDP_LOGGING_ADDR3 );
+    vLoggingInit( xLogToStdout, xLogToFile, xLogToUDP, ulLoggingIPAddress, configPRINT_PORT );
+
+    /*
+     * Seed random number generator.
+     *
+     * !!!NOTE!!!
+     * This is not a secure method of generating a random number.  Production
+     * devices should use a True Random Number Generator (TRNG).
+     */
+    time( &xTimeNow );
+    LogDebug( ( "Seed for randomizer: %lu\n", xTimeNow ) );
+    prvSRand( ( uint32_t ) xTimeNow );
+    LogDebug( ( "Random numbers: %08X %08X %08X %08X\n", ipconfigRAND32(), ipconfigRAND32(), ipconfigRAND32(), ipconfigRAND32() ) );
+}
+/*-----------------------------------------------------------*/
+
+#if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 ) || ( ipconfigDHCP_REGISTER_HOSTNAME == 1 )
+
+    const char * pcApplicationHostnameHook( void )
+    {
+        /* Assign the name "FreeRTOS" to this network node.  This function will
+         * be called during the DHCP: the machine will be registered with an IP
+         * address plus this name. */
+        return mainHOST_NAME;
+    }
+
+#endif
+/*-----------------------------------------------------------*/
+
+#if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 )
+
+    BaseType_t xApplicationDNSQueryHook( const char * pcName )
+    {
+        BaseType_t xReturn;
+
+        /* Determine if a name lookup is for this node.  Two names are given
+         * to this node: that returned by pcApplicationHostnameHook() and that set
+         * by mainDEVICE_NICK_NAME. */
+        if( _stricmp( pcName, pcApplicationHostnameHook() ) == 0 )
+        {
+            xReturn = pdPASS;
+        }
+        else if( _stricmp( pcName, mainDEVICE_NICK_NAME ) == 0 )
+        {
+            xReturn = pdPASS;
+        }
+        else
+        {
+            xReturn = pdFAIL;
+        }
+
+        return xReturn;
+    }
+
+#endif /* if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 ) */
+/*-----------------------------------------------------------*/
+
+/*
+ * Callback that provides the inputs necessary to generate a randomized TCP
+ * Initial Sequence Number per RFC 6528.  THIS IS ONLY A DUMMY IMPLEMENTATION
+ * THAT RETURNS A PSEUDO RANDOM NUMBER SO IS NOT INTENDED FOR USE IN PRODUCTION
+ * SYSTEMS.
+ */
+extern uint32_t ulApplicationGetNextSequenceNumber( uint32_t ulSourceAddress,
+                                                    uint16_t usSourcePort,
+                                                    uint32_t ulDestinationAddress,
+                                                    uint16_t usDestinationPort )
+{
+    ( void ) ulSourceAddress;
+    ( void ) usSourcePort;
+    ( void ) ulDestinationAddress;
+    ( void ) usDestinationPort;
+
+    return uxRand();
+}
+/*-----------------------------------------------------------*/
+
+/*
+ * Set *pulNumber to a random number, and return pdTRUE. When the random number
+ * generator is broken, it shall return pdFALSE.
+ * The macros ipconfigRAND32() and configRAND32() are not in use
+ * anymore in FreeRTOS+TCP.
+ *
+ * THIS IS ONLY A DUMMY IMPLEMENTATION THAT RETURNS A PSEUDO RANDOM NUMBER SO IS
+ * NOT INTENDED FOR USE IN PRODUCTION SYSTEMS.
+ */
+BaseType_t xApplicationGetRandomNumber( uint32_t * pulNumber )
+{
+    *pulNumber = uxRand();
+    return pdTRUE;
+}
+/*-----------------------------------------------------------*/
+
+/* configUSE_STATIC_ALLOCATION is set to 1, so the application must provide an
+ * implementation of vApplicationGetIdleTaskMemory() to provide the memory that is
+ * used by the Idle task. */
+void vApplicationGetIdleTaskMemory( StaticTask_t ** ppxIdleTaskTCBBuffer,
+                                    StackType_t ** ppxIdleTaskStackBuffer,
+                                    uint32_t * pulIdleTaskStackSize )
+{
+    /* If the buffers to be provided to the Idle task are declared inside this
+     * function then they must be declared static - otherwise they will be allocated on
+     * the stack and so not exists after this function exits. */
+    static StaticTask_t xIdleTaskTCB;
+    static StackType_t uxIdleTaskStack[ configMINIMAL_STACK_SIZE ];
+
+    /* Pass out a pointer to the StaticTask_t structure in which the Idle task's
+     * state will be stored. */
+    *ppxIdleTaskTCBBuffer = &xIdleTaskTCB;
+
+    /* Pass out the array that will be used as the Idle task's stack. */
+    *ppxIdleTaskStackBuffer = uxIdleTaskStack;
+
+    /* Pass out the size of the array pointed to by *ppxIdleTaskStackBuffer.
+     * Note that, as the array is necessarily of type StackType_t,
+     * configMINIMAL_STACK_SIZE is specified in words, not bytes. */
+    *pulIdleTaskStackSize = configMINIMAL_STACK_SIZE;
+}
+/*-----------------------------------------------------------*/
+
+/* configUSE_STATIC_ALLOCATION and configUSE_TIMERS are both set to 1, so the
+ * application must provide an implementation of vApplicationGetTimerTaskMemory()
+ * to provide the memory that is used by the Timer service task. */
+void vApplicationGetTimerTaskMemory( StaticTask_t ** ppxTimerTaskTCBBuffer,
+                                     StackType_t ** ppxTimerTaskStackBuffer,
+                                     uint32_t * pulTimerTaskStackSize )
+{
+    /* If the buffers to be provided to the Timer task are declared inside this
+     * function then they must be declared static - otherwise they will be allocated on
+     * the stack and so not exists after this function exits. */
+    static StaticTask_t xTimerTaskTCB;
+    static StackType_t uxTimerTaskStack[ configTIMER_TASK_STACK_DEPTH ];
+
+    /* Pass out a pointer to the StaticTask_t structure in which the Timer
+     * task's state will be stored. */
+    *ppxTimerTaskTCBBuffer = &xTimerTaskTCB;
+
+    /* Pass out the array that will be used as the Timer task's stack. */
+    *ppxTimerTaskStackBuffer = uxTimerTaskStack;
+
+    /* Pass out the size of the array pointed to by *ppxTimerTaskStackBuffer.
+     * Note that, as the array is necessarily of type StackType_t,
+     * configMINIMAL_STACK_SIZE is specified in words, not bytes. */
+    *pulTimerTaskStackSize = configTIMER_TASK_STACK_DEPTH;
+}
+/*-----------------------------------------------------------*/
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mbedtls_config.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mbedtls_config.h
new file mode 100644
index 000000000..5f4ac36d0
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mbedtls_config.h
@@ -0,0 +1,144 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/* This file configures mbed TLS for FreeRTOS. */
+
+#ifndef MBEDTLS_CONFIG_H_
+#define MBEDTLS_CONFIG_H_
+
+/* FreeRTOS include. */
+#include "FreeRTOS.h"
+
+/* Generate errors if deprecated functions are used. */
+#define MBEDTLS_DEPRECATED_REMOVED
+
+/* Place AES tables in ROM. */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Enable the following cipher modes. */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_CIPHER_MODE_CFB
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/* Enable the following cipher padding modes. */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/* Cipher suite configuration. */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_NIST_OPTIM
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/* Enable all SSL alert messages. */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/* Enable the following SSL features. */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_SSL_ALPN
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/* Check certificate key usage. */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/* Disable platform entropy functions. */
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/* Enable the following mbed TLS features. */
+#define MBEDTLS_CMAC_C
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#define MBEDTLS_GCM_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PEM_WRITE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_THREADING_ALT
+#define MBEDTLS_THREADING_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CREATE_C
+#define MBEDTLS_X509_CSR_WRITE_C
+#define MBEDTLS_CMAC_C
+
+/* Set the memory allocation functions on FreeRTOS. */
+void * mbedtls_platform_calloc( size_t nmemb,
+                                size_t size );
+void mbedtls_platform_free( void * ptr );
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_CALLOC_MACRO    mbedtls_platform_calloc
+#define MBEDTLS_PLATFORM_FREE_MACRO      mbedtls_platform_free
+
+/* The network send and receive functions on FreeRTOS. */
+int mbedtls_platform_send( void * ctx,
+                           const unsigned char * buf,
+                           size_t len );
+int mbedtls_platform_recv( void * ctx,
+                           unsigned char * buf,
+                           size_t len );
+
+/* These two macro used by mbedtls_ssl_set_bio in using_mbedtls network
+ * transport layer. */
+#define MBEDTLS_SSL_SEND    mbedtls_platform_send
+#define MBEDTLS_SSL_RECV    mbedtls_platform_recv
+
+/* The entropy poll function. */
+int mbedtls_platform_entropy_poll( void * data,
+                                   unsigned char * output,
+                                   size_t len,
+                                   size_t * olen );
+
+#include "mbedtls/check_config.h"
+
+#endif /* ifndef MBEDTLS_CONFIG_H_ */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.c
new file mode 100644
index 000000000..a93f1e604
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.c
@@ -0,0 +1,1069 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/**
+ * @file mqtt_operations.c
+ *
+ * @brief This file provides wrapper functions for MQTT operations on a mutually
+ * authenticated TLS connection.
+ *
+ * A mutually authenticated TLS connection is used to connect to the AWS IoT
+ * MQTT message broker in this example. Run the setup script
+ * (fleet_provisioning_demo_setup.py) and define democonfigROOT_CA_PEM
+ * in demo_config.h to achieve mutual authentication.
+ */
+
+/* Standard includes. */
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+/* Config include. */
+#include "demo_config.h"
+
+/* Interface include. */
+#include "mqtt_operations.h"
+
+/* MbedTLS transport include. */
+#include "using_mbedtls_pkcs11.h"
+
+/*Include backoff algorithm header for retry logic.*/
+#include "backoff_algorithm.h"
+
+/**
+ * These configurations are required. Throw compilation error if the below
+ * configs are not defined.
+ */
+#ifndef democonfigMQTT_BROKER_ENDPOINT
+    #error "Please define AWS IoT MQTT broker endpoint(democonfigMQTT_BROKER_ENDPOINT) in demo_config.h."
+#endif
+#ifndef democonfigROOT_CA_PEM
+    #error "Please define the PEM-encoded Root CA certificate of the MQTT broker(democonfigROOT_CA_PEM) in demo_config.h."
+#endif
+#ifndef democonfigCLIENT_IDENTIFIER
+    #error "Please define a unique democonfigCLIENT_IDENTIFIER."
+#endif
+
+/**
+ * Provide default values for undefined configuration settings.
+ */
+#ifndef democonfigMQTT_BROKER_PORT
+    #define democonfigMQTT_BROKER_PORT    ( 8883 )
+#endif
+
+#ifndef democonfigNETWORK_BUFFER_SIZE
+    #define democonfigNETWORK_BUFFER_SIZE    ( 1024U )
+#endif
+
+/**
+ * @brief Length of the AWS IoT endpoint.
+ */
+#define democonfigMQTT_BROKER_ENDPOINT_LENGTH          ( ( uint16_t ) ( sizeof( democonfigMQTT_BROKER_ENDPOINT ) - 1 ) )
+
+/**
+ * @brief Length of the client identifier.
+ */
+#define mqttopCLIENT_IDENTIFIER_LENGTH                 ( ( uint16_t ) ( sizeof( democonfigCLIENT_IDENTIFIER ) - 1 ) )
+
+/**
+ * @brief ALPN protocol name for AWS IoT MQTT.
+ *
+ * This will be used if the democonfigMQTT_BROKER_PORT is configured as 443 for AWS IoT MQTT
+ * broker. Please see more details about the ALPN protocol for AWS IoT MQTT
+ * endpoint in the link below.
+ * https://aws.amazon.com/blogs/iot/mqtt-with-tls-client-authentication-on-port-443-why-it-is-useful-and-how-it-works/
+ *
+ * @note OpenSSL requires that the protocol string passed to it for configuration be encoded
+ * with the prefix of 8-bit length information of the string. Thus, the 14 byte (0x0e) length
+ * information is prefixed to the string.
+ */
+#define mqttopALPN_PROTOCOL_NAME                       "\x0ex-amzn-mqtt-ca"
+
+/**
+ * @brief Length of ALPN protocol name.
+ */
+#define mqttopALPN_PROTOCOL_NAME_LENGTH                ( ( uint16_t ) ( sizeof( mqttopALPN_PROTOCOL_NAME ) - 1 ) )
+
+/**
+ * @brief The maximum number of retries for connecting to server.
+ */
+#define mqttopCONNECTION_RETRY_MAX_ATTEMPTS            ( 5U )
+
+/**
+ * @brief The maximum back-off delay (in milliseconds) for retrying connection to server.
+ */
+#define mqttopCONNECTION_RETRY_MAX_BACKOFF_DELAY_MS    ( 5000U )
+
+/**
+ * @brief The base back-off delay (in milliseconds) to use for connection retry attempts.
+ */
+#define mqttopCONNECTION_RETRY_BACKOFF_BASE_MS         ( 500U )
+
+/**
+ * @brief Timeout for receiving CONNACK packet in milliseconds.
+ */
+#define mqttopCONNACK_RECV_TIMEOUT_MS                  ( 1000U )
+
+/**
+ * @brief Maximum number of outgoing publishes maintained in the application
+ * until an ack is received from the broker.
+ */
+#define mqttopMAX_OUTGOING_PUBLISHES                   ( 5U )
+
+/**
+ * @brief Invalid packet identifier for the MQTT packets. Zero is always an
+ * invalid packet identifier as per MQTT 3.1.1 spec.
+ */
+#define mqttopMQTT_PACKET_ID_INVALID                   ( ( uint16_t ) 0U )
+
+/**
+ * @brief Timeout for MQTT_ProcessLoop function in milliseconds.
+ */
+#define mqttopMQTT_PROCESS_LOOP_TIMEOUT_MS             ( 1000U )
+
+/**
+ * @brief The maximum time interval in seconds which is allowed to elapse
+ *  between two Control Packets.
+ *
+ *  It is the responsibility of the client to ensure that the interval between
+ *  control packets being sent does not exceed the this keep-alive value. In the
+ *  absence of sending any other control packets, the client MUST send a
+ *  PINGREQ packet.
+ */
+#define mqttopMQTT_KEEP_ALIVE_INTERVAL_SECONDS         ( 60U )
+
+/**
+ * @brief Timeout in milliseconds for transport send and receive.
+ */
+#define mqttopTRANSPORT_SEND_RECV_TIMEOUT_MS           ( 100U )
+
+/**
+ * @brief Milliseconds per second.
+ */
+#define mqttopMILLISECONDS_PER_SECOND                  ( 1000U )
+
+/**
+ * @brief Milliseconds per FreeRTOS tick.
+ */
+#define mqttopMILLISECONDS_PER_TICK                    ( mqttopMILLISECONDS_PER_SECOND / configTICK_RATE_HZ )
+
+/**
+ * @brief The MQTT metrics string expected by AWS IoT MQTT Broker.
+ */
+#define mqttopMETRICS_STRING                           "?SDK=" democonfigOS_NAME "&Version=" democonfigOS_VERSION "&Platform=" democonfigHARDWARE_PLATFORM_NAME "&MQTTLib=" democonfigMQTT_LIB
+
+/**
+ * @brief The length of the MQTT metrics string.
+ */
+#define mqttopMETRICS_STRING_LENGTH                    ( ( uint16_t ) ( sizeof( mqttopMETRICS_STRING ) - 1 ) )
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Structure to keep the MQTT publish packets until an ack is received
+ * for QoS1 publishes.
+ */
+typedef struct PublishPackets
+{
+    /**
+     * @brief Packet identifier of the publish packet.
+     */
+    uint16_t usPacketId;
+
+    /**
+     * @brief Publish info of the publish packet.
+     */
+    MQTTPublishInfo_t xPubInfo;
+} PublishPackets_t;
+
+/* Each compilation unit must define the NetworkContext struct. */
+struct NetworkContext
+{
+    SSLContext_t * pxParams;
+};
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Global entry time into the application to use as a reference timestamp
+ * in the #prvGetTimeMs function. #prvGetTimeMs will always return the difference
+ * between the current time and the global entry time. This will reduce the chances
+ * of overflow for the 32 bit unsigned integer used for holding the timestamp.
+ */
+static uint32_t ulGlobalEntryTimeMs;
+
+/**
+ * @brief Packet Identifier generated when Subscribe request was sent to the broker.
+ *
+ * It is used to match received Subscribe ACK to the transmitted subscribe
+ * request.
+ */
+static uint16_t usGlobalSubscribePacketIdentifier = 0U;
+
+/**
+ * @brief Packet Identifier generated when Unsubscribe request was sent to the broker.
+ *
+ * It is used to match received Unsubscribe ACK to the transmitted unsubscribe
+ * request.
+ */
+static uint16_t usGlobalUnsubscribePacketIdentifier = 0U;
+
+/**
+ * @brief Array to keep the outgoing publish messages.
+ *
+ * These stored outgoing publish messages are kept until a successful ack
+ * is received.
+ */
+static PublishPackets_t pxOutgoingPublishPackets[ mqttopMAX_OUTGOING_PUBLISHES ] = { 0 };
+
+/**
+ * @brief The network buffer must remain valid for the lifetime of the MQTT context.
+ */
+static uint8_t pucBuffer[ democonfigNETWORK_BUFFER_SIZE ];
+
+/**
+ * @brief The MQTT context used for MQTT operation.
+ */
+static MQTTContext_t xMqttContext = { 0 };
+
+/**
+ * @brief The network context used for MbedTLS operation.
+ */
+static NetworkContext_t xNetworkContext = { 0 };
+
+/**
+ * @brief The parameters for MbedTLS operation.
+ */
+static SSLContext_t xTlsContext = { 0 };
+
+/**
+ * @brief The flag to indicate that the mqtt session is established.
+ */
+static bool xMqttSessionEstablished = false;
+
+/**
+ * @brief Callback registered when calling xEstablishMqttSession to get incoming
+ * publish messages.
+ */
+static MQTTPublishCallback_t xAppPublishCallback = NULL;
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief The random number generator to use for exponential backoff with
+ * jitter retry logic.
+ *
+ * @return The generated random number.
+ */
+static uint32_t prvGenerateRandomNumber( void );
+
+/**
+ * @brief Connect to the MQTT broker with reconnection retries.
+ *
+ * If connection fails, retry is attempted after a timeout. Timeout value
+ * exponentially increases until maximum timeout value is reached or the number
+ * of attempts are exhausted.
+ *
+ * @param[out] pxNetworkContext The created network context.
+ * @param[in] pcClientCertLabel The client certificate PKCS #11 label to use.
+ * @param[in] pcPrivateKeyLabel The private key PKCS #11 label for the client certificate.
+ *
+ * @return false on failure; true on successful connection.
+ */
+static bool prvConnectToBrokerWithBackoffRetries( NetworkContext_t * pxNetworkContext,
+                                                  char * pcClientCertLabel,
+                                                  char * pcPrivateKeyLabel );
+
+/**
+ * @brief Get the free index in the #pxOutgoingPublishPackets array at which an
+ * outgoing publish can be stored.
+ *
+ * @param[out] pucIndex The index at which an outgoing publish can be stored.
+ *
+ * @return false if no more publishes can be stored;
+ * true if an index to store the next outgoing publish is obtained.
+ */
+static bool prvGetNextFreeIndexForOutgoingPublishes( uint8_t * pucIndex );
+
+/**
+ * @brief Clean up the outgoing publish at given index from the
+ * #pxOutgoingPublishPackets array.
+ *
+ * @param[in] ucIndex The ucIndex at which a publish message has to be cleaned up.
+ */
+static void prvCleanupOutgoingPublishAt( uint8_t ucIndex );
+
+/**
+ * @brief Clean up all the outgoing publishes in the #pxOutgoingPublishPackets array.
+ */
+static void prvCleanupOutgoingPublishes( void );
+
+/**
+ * @brief Clean up the publish packet with the given packet id in the
+ * #pxOutgoingPublishPackets array.
+ *
+ * @param[in] usPacketId Packet id of the packet to be clean.
+ */
+static void prvCleanupOutgoingPublishWithPacketID( uint16_t usPacketId );
+
+/**
+ * @brief Callback registered with the MQTT library.
+ *
+ * @param[in] pxMqttContext MQTT context pointer.
+ * @param[in] pxPacketInfo Packet Info pointer for the incoming packet.
+ * @param[in] pxDeserializedInfo Deserialized information from the incoming packet.
+ */
+static void prvMqttCallback( MQTTContext_t * pxMqttContext,
+                             MQTTPacketInfo_t * pxPacketInfo,
+                             MQTTDeserializedInfo_t * pxDeserializedInfo );
+
+/**
+ * @brief Resend the publishes if a session is re-established with the broker.
+ *
+ * This function handles the resending of the QoS1 publish packets, which are
+ * maintained locally.
+ *
+ * @param[in] pxMqttContext The MQTT context pointer.
+ *
+ * @return true if all the unacknowledged QoS1 publishes are re-sent successfully;
+ * false otherwise.
+ */
+static bool prvHandlePublishResend( MQTTContext_t * pxMqttContext );
+
+/**
+ * @brief The timer query function provided to the MQTT context.
+ *
+ * @return Time in milliseconds.
+ */
+static uint32_t prvGetTimeMs( void );
+
+/*-----------------------------------------------------------*/
+
+static uint32_t prvGenerateRandomNumber()
+{
+    return( ( uint32_t ) rand() );
+}
+
+/*-----------------------------------------------------------*/
+
+static bool prvConnectToBrokerWithBackoffRetries( NetworkContext_t * pxNetworkContext,
+                                                  char * pcClientCertLabel,
+                                                  char * pcPrivateKeyLabel )
+{
+    bool xReturnStatus = false;
+    BackoffAlgorithmStatus_t xBackoffAlgStatus = BackoffAlgorithmSuccess;
+    TlsTransportStatus_t xTlsStatus = TLS_TRANSPORT_SUCCESS;
+    BackoffAlgorithmContext_t xReconnectParams;
+    NetworkCredentials_t xTlsCredentials = { 0 };
+    uint16_t usNextRetryBackOff = 0U;
+    const char * pcAlpn[] = { mqttopALPN_PROTOCOL_NAME, NULL };
+
+    /* Set the pParams member of the network context with desired transport. */
+    pxNetworkContext->pxParams = &xTlsContext;
+
+    /* Initialize credentials for establishing TLS session. */
+    xTlsCredentials.pRootCa = democonfigROOT_CA_PEM;
+    xTlsCredentials.rootCaSize = sizeof( democonfigROOT_CA_PEM );
+    xTlsCredentials.pClientCertLabel = pcClientCertLabel;
+    xTlsCredentials.pPrivateKeyLabel = pcPrivateKeyLabel;
+
+    /* AWS IoT requires devices to send the Server Name Indication (SNI)
+     * extension to the Transport Layer Security (TLS) protocol and provide
+     * the complete endpoint address in the host_name field. Details about
+     * SNI for AWS IoT can be found in the link below.
+     * https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html
+     */
+    xTlsCredentials.disableSni = false;
+
+    if( democonfigMQTT_BROKER_PORT == 443 )
+    {
+        /* Pass the ALPN protocol name depending on the port being used.
+         * Please see more details about the ALPN protocol for AWS IoT MQTT endpoint
+         * in the link below.
+         * https://aws.amazon.com/blogs/iot/mqtt-with-tls-client-authentication-on-port-443-why-it-is-useful-and-how-it-works/
+         */
+        xTlsCredentials.pAlpnProtos = pcAlpn;
+    }
+
+    /* Initialize reconnect attempts and interval */
+    BackoffAlgorithm_InitializeParams( &xReconnectParams,
+                                       mqttopCONNECTION_RETRY_BACKOFF_BASE_MS,
+                                       mqttopCONNECTION_RETRY_MAX_BACKOFF_DELAY_MS,
+                                       mqttopCONNECTION_RETRY_MAX_ATTEMPTS );
+
+    do
+    {
+        /* Establish a TLS session with the MQTT broker. This example connects
+         * to the MQTT broker as specified in democonfigMQTT_BROKER_ENDPOINT and democonfigMQTT_BROKER_PORT
+         * at the demo config header. */
+        LogDebug( ( "Establishing a TLS session to %.*s:%d.",
+                    democonfigMQTT_BROKER_ENDPOINT_LENGTH,
+                    democonfigMQTT_BROKER_ENDPOINT,
+                    democonfigMQTT_BROKER_PORT ) );
+
+        xTlsStatus = TLS_FreeRTOS_Connect( pxNetworkContext,
+                                           democonfigMQTT_BROKER_ENDPOINT,
+                                           democonfigMQTT_BROKER_PORT,
+                                           &xTlsCredentials,
+                                           mqttopTRANSPORT_SEND_RECV_TIMEOUT_MS, mqttopTRANSPORT_SEND_RECV_TIMEOUT_MS );
+
+        if( xTlsStatus == TLS_TRANSPORT_SUCCESS )
+        {
+            /* Connection successful. */
+            xReturnStatus = true;
+        }
+        else
+        {
+            /* Generate a random number and get back-off value (in milliseconds) for the next connection retry. */
+            xBackoffAlgStatus = BackoffAlgorithm_GetNextBackoff( &xReconnectParams, prvGenerateRandomNumber(), &usNextRetryBackOff );
+
+            if( xBackoffAlgStatus == BackoffAlgorithmRetriesExhausted )
+            {
+                LogError( ( "Connection to the broker failed, all attempts exhausted." ) );
+            }
+            else if( xBackoffAlgStatus == BackoffAlgorithmSuccess )
+            {
+                LogWarn( ( "Connection to the broker failed. Retrying connection "
+                           "after %hu ms backoff.",
+                           ( unsigned short ) usNextRetryBackOff ) );
+                vTaskDelay( pdMS_TO_TICKS( usNextRetryBackOff ) );
+            }
+        }
+    } while( ( xTlsStatus != TLS_TRANSPORT_SUCCESS ) && ( xBackoffAlgStatus == BackoffAlgorithmSuccess ) );
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+static bool prvGetNextFreeIndexForOutgoingPublishes( uint8_t * pucIndex )
+{
+    bool xReturnStatus = false;
+    uint8_t ucIndex = 0;
+
+    configASSERT( pxOutgoingPublishPackets != NULL );
+    configASSERT( pucIndex != NULL );
+
+    for( ucIndex = 0; ucIndex < mqttopMAX_OUTGOING_PUBLISHES; ucIndex++ )
+    {
+        /* A free index is marked by invalid packet id. Check if the the index
+         * has a free slot. */
+        if( pxOutgoingPublishPackets[ ucIndex ].usPacketId == mqttopMQTT_PACKET_ID_INVALID )
+        {
+            xReturnStatus = true;
+            break;
+        }
+    }
+
+    /* Copy the available index into the output param. */
+    if( xReturnStatus == true )
+    {
+        *pucIndex = ucIndex;
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+static void prvCleanupOutgoingPublishAt( uint8_t ucIndex )
+{
+    configASSERT( pxOutgoingPublishPackets != NULL );
+    configASSERT( ucIndex < mqttopMAX_OUTGOING_PUBLISHES );
+
+    /* Clear the outgoing publish packet. */
+    ( void ) memset( &( pxOutgoingPublishPackets[ ucIndex ] ),
+                     0x00,
+                     sizeof( pxOutgoingPublishPackets[ ucIndex ] ) );
+}
+/*-----------------------------------------------------------*/
+
+static void prvCleanupOutgoingPublishes( void )
+{
+    configASSERT( pxOutgoingPublishPackets != NULL );
+
+    /* Clean up all the outgoing publish packets. */
+    ( void ) memset( pxOutgoingPublishPackets, 0x00, sizeof( pxOutgoingPublishPackets ) );
+}
+/*-----------------------------------------------------------*/
+
+static void prvCleanupOutgoingPublishWithPacketID( uint16_t usPacketId )
+{
+    uint8_t ucIndex = 0;
+
+    configASSERT( pxOutgoingPublishPackets != NULL );
+    configASSERT( usPacketId != mqttopMQTT_PACKET_ID_INVALID );
+
+    /* Clean up the saved outgoing publish with packet Id equal to usPacketId. */
+    for( ucIndex = 0; ucIndex < mqttopMAX_OUTGOING_PUBLISHES; ucIndex++ )
+    {
+        if( pxOutgoingPublishPackets[ ucIndex ].usPacketId == usPacketId )
+        {
+            prvCleanupOutgoingPublishAt( ucIndex );
+
+            LogDebug( ( "Cleaned up outgoing publish packet with packet id %u.",
+                        usPacketId ) );
+
+            break;
+        }
+    }
+}
+/*-----------------------------------------------------------*/
+
+static void prvMqttCallback( MQTTContext_t * pxMqttContext,
+                             MQTTPacketInfo_t * pxPacketInfo,
+                             MQTTDeserializedInfo_t * pxDeserializedInfo )
+{
+    uint16_t usPacketIdentifier;
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pxPacketInfo != NULL );
+    configASSERT( pxDeserializedInfo != NULL );
+
+    /* Suppress the unused parameter warning when asserts are disabled in
+     * build. */
+    ( void ) pxMqttContext;
+
+    usPacketIdentifier = pxDeserializedInfo->packetIdentifier;
+
+    /* Handle an incoming publish. The lower 4 bits of the publish packet
+     * type is used for the dup, QoS, and retain flags. Hence masking
+     * out the lower bits to check if the packet is publish. */
+    if( ( pxPacketInfo->type & 0xF0U ) == MQTT_PACKET_TYPE_PUBLISH )
+    {
+        configASSERT( pxDeserializedInfo->pPublishInfo != NULL );
+
+        /* Invoke the application callback for incoming publishes. */
+        if( xAppPublishCallback != NULL )
+        {
+            xAppPublishCallback( pxDeserializedInfo->pPublishInfo, usPacketIdentifier );
+        }
+    }
+    else
+    {
+        /* Handle other packets. */
+        switch( pxPacketInfo->type )
+        {
+            case MQTT_PACKET_TYPE_SUBACK:
+                LogDebug( ( "MQTT Packet type SUBACK received." ) );
+
+                /* Make sure the ACK packet identifier matches with the request
+                 * packet identifier. */
+                configASSERT( usGlobalSubscribePacketIdentifier == usPacketIdentifier );
+                break;
+
+            case MQTT_PACKET_TYPE_UNSUBACK:
+                LogDebug( ( "MQTT Packet type UNSUBACK received." ) );
+
+                /* Make sure the ACK packet identifier matches with the request
+                 * packet identifier. */
+                configASSERT( usGlobalUnsubscribePacketIdentifier == usPacketIdentifier );
+                break;
+
+            case MQTT_PACKET_TYPE_PINGRESP:
+
+                /* We do not expect to receive PINGRESP as we are using
+                 * MQTT_ProcessLoop. */
+                LogWarn( ( "PINGRESP should not be received by the application "
+                           "callback when using MQTT_ProcessLoop." ) );
+                break;
+
+            case MQTT_PACKET_TYPE_PUBACK:
+                LogDebug( ( "PUBACK received for packet id %u.",
+                            usPacketIdentifier ) );
+
+                /* Cleanup the publish packet from the #pxOutgoingPublishPackets
+                 * array when a PUBACK is received. */
+                prvCleanupOutgoingPublishWithPacketID( usPacketIdentifier );
+                break;
+
+            /* Any other packet type is invalid. */
+            default:
+                LogError( ( "Unknown packet type received:(%02x).",
+                            pxPacketInfo->type ) );
+        }
+    }
+}
+/*-----------------------------------------------------------*/
+
+static bool prvHandlePublishResend( MQTTContext_t * pxMqttContext )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus = MQTTSuccess;
+    uint8_t ucIndex = 0U;
+
+    configASSERT( pxOutgoingPublishPackets != NULL );
+
+    /* Resend all the QoS1 publishes still in the #pxOutgoingPublishPackets array.
+     * These are the publishes that haven't received a PUBACK yet. When a PUBACK
+     * is received, the corresponding publish is removed from the array. */
+    for( ucIndex = 0U; ucIndex < mqttopMAX_OUTGOING_PUBLISHES; ucIndex++ )
+    {
+        if( pxOutgoingPublishPackets[ ucIndex ].usPacketId != mqttopMQTT_PACKET_ID_INVALID )
+        {
+            pxOutgoingPublishPackets[ ucIndex ].xPubInfo.dup = true;
+
+            LogDebug( ( "Sending duplicate PUBLISH with packet id %u.",
+                        pxOutgoingPublishPackets[ ucIndex ].usPacketId ) );
+            xMqttStatus = MQTT_Publish( pxMqttContext,
+                                        &pxOutgoingPublishPackets[ ucIndex ].xPubInfo,
+                                        pxOutgoingPublishPackets[ ucIndex ].usPacketId );
+
+            if( xMqttStatus != MQTTSuccess )
+            {
+                LogError( ( "Sending duplicate PUBLISH for packet id %u "
+                            " failed with status %s.",
+                            pxOutgoingPublishPackets[ ucIndex ].usPacketId,
+                            MQTT_Status_strerror( xMqttStatus ) ) );
+                break;
+            }
+            else
+            {
+                LogDebug( ( "Sent duplicate PUBLISH successfully for packet id %u.",
+                            pxOutgoingPublishPackets[ ucIndex ].usPacketId ) );
+            }
+        }
+    }
+
+    /* Were all the unacknowledged QoS1 publishes successfully re-sent? */
+    if( ucIndex == mqttopMAX_OUTGOING_PUBLISHES )
+    {
+        xReturnStatus = true;
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xEstablishMqttSession( MQTTPublishCallback_t xPublishCallback,
+                            char * pcClientCertLabel,
+                            char * pcPrivateKeyLabel )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus;
+    MQTTConnectInfo_t xConnectInfo;
+    MQTTFixedBuffer_t xNetworkBuffer;
+    TransportInterface_t xTransport;
+    bool xCreateCleanSession = false;
+    MQTTContext_t * pxMqttContext = &xMqttContext;
+    NetworkContext_t * pxNetworkContext = &xNetworkContext;
+    bool xSessionPresent = false;
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pxNetworkContext != NULL );
+
+    /* Initialize the mqtt context and network context. */
+    ( void ) memset( pxMqttContext, 0U, sizeof( MQTTContext_t ) );
+    ( void ) memset( pxNetworkContext, 0U, sizeof( NetworkContext_t ) );
+
+    xReturnStatus = prvConnectToBrokerWithBackoffRetries( pxNetworkContext,
+                                                          pcClientCertLabel,
+                                                          pcPrivateKeyLabel );
+
+    if( xReturnStatus != true )
+    {
+        /* Log an error to indicate connection failure after all
+         * reconnect attempts are over. */
+        LogError( ( "Failed to connect to MQTT broker %.*s.",
+                    democonfigMQTT_BROKER_ENDPOINT_LENGTH,
+                    democonfigMQTT_BROKER_ENDPOINT ) );
+    }
+    else
+    {
+        /* Fill in TransportInterface send and receive function pointers.
+         * For this demo, TCP sockets are used to send and receive data
+         * from the network. pxNetworkContext is an SSL context for OpenSSL.*/
+        xTransport.pNetworkContext = pxNetworkContext;
+        xTransport.send = TLS_FreeRTOS_send;
+        xTransport.recv = TLS_FreeRTOS_recv;
+
+        /* Fill the values for network buffer. */
+        xNetworkBuffer.pBuffer = pucBuffer;
+        xNetworkBuffer.size = democonfigNETWORK_BUFFER_SIZE;
+
+        /* Remember the publish callback supplied. */
+        xAppPublishCallback = xPublishCallback;
+
+        /* Initialize the MQTT library. */
+        xMqttStatus = MQTT_Init( pxMqttContext,
+                                 &xTransport,
+                                 prvGetTimeMs,
+                                 prvMqttCallback,
+                                 &xNetworkBuffer );
+
+        if( xMqttStatus != MQTTSuccess )
+        {
+            xReturnStatus = false;
+            LogError( ( "MQTT init failed with status %s.",
+                        MQTT_Status_strerror( xMqttStatus ) ) );
+        }
+        else
+        {
+            /* Establish an MQTT session by sending a CONNECT packet. */
+
+            /* If #xCreateCleanSession is true, start with a clean session
+             * i.e. direct the MQTT broker to discard any previous session data.
+             * If #xCreateCleanSession is false, direct the broker to attempt to
+             * reestablish a session which was already present. */
+            xConnectInfo.cleanSession = xCreateCleanSession;
+
+            /* The client identifier is used to uniquely identify this MQTT client to
+             * the MQTT broker. In a production device the identifier can be something
+             * unique, such as a device serial number. */
+            xConnectInfo.pClientIdentifier = democonfigCLIENT_IDENTIFIER;
+            xConnectInfo.clientIdentifierLength = mqttopCLIENT_IDENTIFIER_LENGTH;
+
+            /* The maximum time interval in seconds which is allowed to elapse
+             * between two Control Packets.
+             * It is the responsibility of the client to ensure that the interval between
+             * control packets being sent does not exceed the this keep-alive value. In the
+             * absence of sending any other control packets, the client MUST send a
+             * PINGREQ packet. */
+            xConnectInfo.keepAliveSeconds = mqttopMQTT_KEEP_ALIVE_INTERVAL_SECONDS;
+
+            /* Username and password for authentication. Not used in this demo. */
+            xConnectInfo.pUserName = mqttopMETRICS_STRING;
+            xConnectInfo.userNameLength = mqttopMETRICS_STRING_LENGTH;
+            xConnectInfo.pPassword = NULL;
+            xConnectInfo.passwordLength = 0U;
+
+            /* Send an MQTT CONNECT packet to the broker. */
+            xMqttStatus = MQTT_Connect( pxMqttContext,
+                                        &xConnectInfo,
+                                        NULL,
+                                        mqttopCONNACK_RECV_TIMEOUT_MS,
+                                        &xSessionPresent );
+
+            if( xMqttStatus != MQTTSuccess )
+            {
+                xReturnStatus = false;
+                LogError( ( "Connection with MQTT broker failed with status %s.",
+                            MQTT_Status_strerror( xMqttStatus ) ) );
+            }
+            else
+            {
+                LogDebug( ( "MQTT connection successfully established with broker." ) );
+            }
+        }
+
+        if( xReturnStatus == true )
+        {
+            /* Keep a flag for indicating if MQTT session is established. This
+             * flag will mark that an MQTT DISCONNECT has to be sent at the end
+             * of the demo even if there are intermediate failures. */
+            xMqttSessionEstablished = true;
+        }
+
+        if( xReturnStatus == true )
+        {
+            /* Check if a session is present and if there are any outgoing
+             * publishes that need to be resent. Resending unacknowledged
+             * publishes is needed only if the broker is re-establishing a
+             * session that was already present. */
+            if( xSessionPresent == true )
+            {
+                LogDebug( ( "An MQTT session with broker is re-established. "
+                            "Resending unacked publishes." ) );
+
+                /* Handle all the resend of publish messages. */
+                xReturnStatus = prvHandlePublishResend( &xMqttContext );
+            }
+            else
+            {
+                LogDebug( ( "A clean MQTT connection is established."
+                            " Cleaning up all the stored outgoing publishes." ) );
+
+                /* Clean up the outgoing publishes waiting for ack as this new
+                 * connection doesn't re-establish an existing session. */
+                prvCleanupOutgoingPublishes();
+            }
+        }
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xDisconnectMqttSession( void )
+{
+    MQTTStatus_t xMqttStatus = MQTTSuccess;
+    bool xReturnStatus = false;
+    MQTTContext_t * pxMqttContext = &xMqttContext;
+    NetworkContext_t * pxNetworkContext = &xNetworkContext;
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pxNetworkContext != NULL );
+
+    if( xMqttSessionEstablished == true )
+    {
+        /* Send DISCONNECT. */
+        xMqttStatus = MQTT_Disconnect( pxMqttContext );
+
+        if( xMqttStatus != MQTTSuccess )
+        {
+            LogError( ( "Sending MQTT DISCONNECT failed with status=%u.",
+                        xMqttStatus ) );
+        }
+        else
+        {
+            /* MQTT DISCONNECT sent successfully. */
+            xReturnStatus = true;
+        }
+    }
+
+    /* End TLS session, then close TCP connection. */
+    ( void ) TLS_FreeRTOS_Disconnect( pxNetworkContext );
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xSubscribeToTopic( const char * pcTopicFilter,
+                        uint16_t usTopicFilterLength )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus;
+    MQTTContext_t * pxMqttContext = &xMqttContext;
+    MQTTSubscribeInfo_t pxSubscriptionList[ 1 ];
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pcTopicFilter != NULL );
+    configASSERT( usTopicFilterLength > 0 );
+
+    /* Start with everything at 0. */
+    ( void ) memset( ( void * ) pxSubscriptionList, 0x00, sizeof( pxSubscriptionList ) );
+
+    /* This example subscribes to only one topic and uses QOS1. */
+    pxSubscriptionList[ 0 ].qos = MQTTQoS1;
+    pxSubscriptionList[ 0 ].pTopicFilter = pcTopicFilter;
+    pxSubscriptionList[ 0 ].topicFilterLength = usTopicFilterLength;
+
+    /* Generate packet identifier for the SUBSCRIBE packet. */
+    usGlobalSubscribePacketIdentifier = MQTT_GetPacketId( pxMqttContext );
+
+    /* Send SUBSCRIBE packet. */
+    xMqttStatus = MQTT_Subscribe( pxMqttContext,
+                                  pxSubscriptionList,
+                                  sizeof( pxSubscriptionList ) / sizeof( MQTTSubscribeInfo_t ),
+                                  usGlobalSubscribePacketIdentifier );
+
+    if( xMqttStatus != MQTTSuccess )
+    {
+        LogError( ( "Failed to send SUBSCRIBE packet to broker with error = %s.",
+                    MQTT_Status_strerror( xMqttStatus ) ) );
+    }
+    else
+    {
+        LogDebug( ( "SUBSCRIBE topic %.*s to broker.",
+                    usTopicFilterLength,
+                    pcTopicFilter ) );
+
+        /* Process incoming packet from the broker. Acknowledgment for subscription
+         * ( SUBACK ) will be received here. However after sending the subscribe, the
+         * client may receive a publish before it receives a subscribe ack. Since this
+         * demo is subscribing to the topic to which no one is publishing, probability
+         * of receiving publish message before subscribe ack is zero; but application
+         * must be ready to receive any packet. This demo uses MQTT_ProcessLoop to
+         * receive packet from network. */
+        xMqttStatus = MQTT_ProcessLoop( pxMqttContext, mqttopMQTT_PROCESS_LOOP_TIMEOUT_MS );
+
+        if( xMqttStatus != MQTTSuccess )
+        {
+            LogError( ( "MQTT_ProcessLoop returned with status = %s.",
+                        MQTT_Status_strerror( xMqttStatus ) ) );
+        }
+        else
+        {
+            xReturnStatus = true;
+        }
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xUnsubscribeFromTopic( const char * pcTopicFilter,
+                            uint16_t usTopicFilterLength )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus;
+    MQTTContext_t * pxMqttContext = &xMqttContext;
+    MQTTSubscribeInfo_t pxSubscriptionList[ 1 ];
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pcTopicFilter != NULL );
+    configASSERT( usTopicFilterLength > 0 );
+
+    /* Start with everything at 0. */
+    ( void ) memset( ( void * ) pxSubscriptionList, 0x00, sizeof( pxSubscriptionList ) );
+
+    /* This example subscribes to only one topic and uses QOS1. */
+    pxSubscriptionList[ 0 ].qos = MQTTQoS1;
+    pxSubscriptionList[ 0 ].pTopicFilter = pcTopicFilter;
+    pxSubscriptionList[ 0 ].topicFilterLength = usTopicFilterLength;
+
+    /* Generate packet identifier for the UNSUBSCRIBE packet. */
+    usGlobalUnsubscribePacketIdentifier = MQTT_GetPacketId( pxMqttContext );
+
+    /* Send UNSUBSCRIBE packet. */
+    xMqttStatus = MQTT_Unsubscribe( pxMqttContext,
+                                    pxSubscriptionList,
+                                    sizeof( pxSubscriptionList ) / sizeof( MQTTSubscribeInfo_t ),
+                                    usGlobalUnsubscribePacketIdentifier );
+
+    if( xMqttStatus != MQTTSuccess )
+    {
+        LogError( ( "Failed to send UNSUBSCRIBE packet to broker with error = %s.",
+                    MQTT_Status_strerror( xMqttStatus ) ) );
+    }
+    else
+    {
+        LogDebug( ( "UNSUBSCRIBE sent topic %.*s to broker.",
+                    usTopicFilterLength,
+                    pcTopicFilter ) );
+
+        /* Process incoming packet from the broker. Acknowledgment for unsubscribe
+         * operation ( UNSUBACK ) will be received here. This demo uses
+         * MQTT_ProcessLoop to receive packet from network. */
+        xMqttStatus = MQTT_ProcessLoop( pxMqttContext, mqttopMQTT_PROCESS_LOOP_TIMEOUT_MS );
+
+        if( xMqttStatus != MQTTSuccess )
+        {
+            LogError( ( "MQTT_ProcessLoop returned with status = %s.",
+                        MQTT_Status_strerror( xMqttStatus ) ) );
+        }
+        else
+        {
+            xReturnStatus = true;
+        }
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xPublishToTopic( const char * pcTopicFilter,
+                      uint16_t usTopicFilterLength,
+                      const char * pcPayload,
+                      size_t xPayloadLength )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus = MQTTSuccess;
+    uint8_t ucPublishIndex = mqttopMAX_OUTGOING_PUBLISHES;
+    MQTTContext_t * pxMqttContext = &xMqttContext;
+
+    configASSERT( pxMqttContext != NULL );
+    configASSERT( pcTopicFilter != NULL );
+    configASSERT( usTopicFilterLength > 0 );
+
+    /* Get the next free index for the outgoing publish. All QoS1 outgoing
+     * publishes are stored until a PUBACK is received. These messages are
+     * stored for supporting a resend if a network connection is broken before
+     * receiving a PUBACK. */
+    xReturnStatus = prvGetNextFreeIndexForOutgoingPublishes( &ucPublishIndex );
+
+    if( xReturnStatus == false )
+    {
+        LogError( ( "Unable to find a free spot for outgoing PUBLISH message." ) );
+    }
+    else
+    {
+        LogDebug( ( "Published payload: %.*s",
+                    ( int ) xPayloadLength,
+                    ( const char * ) pcPayload ) );
+
+        /* This example publishes to only one topic and uses QOS1. */
+        pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo.qos = MQTTQoS1;
+        pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo.pTopicName = pcTopicFilter;
+        pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo.topicNameLength = usTopicFilterLength;
+        pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo.pPayload = pcPayload;
+        pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo.payloadLength = xPayloadLength;
+
+        /* Get a new packet id. */
+        pxOutgoingPublishPackets[ ucPublishIndex ].usPacketId = MQTT_GetPacketId( pxMqttContext );
+
+        /* Send PUBLISH packet. */
+        xMqttStatus = MQTT_Publish( pxMqttContext,
+                                    &pxOutgoingPublishPackets[ ucPublishIndex ].xPubInfo,
+                                    pxOutgoingPublishPackets[ ucPublishIndex ].usPacketId );
+
+        if( xMqttStatus != MQTTSuccess )
+        {
+            LogError( ( "Failed to send PUBLISH packet to broker with error = %s.",
+                        MQTT_Status_strerror( xMqttStatus ) ) );
+            prvCleanupOutgoingPublishAt( ucPublishIndex );
+            xReturnStatus = false;
+        }
+        else
+        {
+            LogDebug( ( "PUBLISH sent for topic %.*s to broker with packet ID %u.",
+                        usTopicFilterLength,
+                        pcTopicFilter,
+                        pxOutgoingPublishPackets[ ucPublishIndex ].usPacketId ) );
+        }
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+bool xProcessLoop( void )
+{
+    bool xReturnStatus = false;
+    MQTTStatus_t xMqttStatus = MQTTSuccess;
+
+    xMqttStatus = MQTT_ProcessLoop( &xMqttContext, mqttopMQTT_PROCESS_LOOP_TIMEOUT_MS );
+
+    if( xMqttStatus != MQTTSuccess )
+    {
+        LogError( ( "MQTT_ProcessLoop returned with status = %s.",
+                    MQTT_Status_strerror( xMqttStatus ) ) );
+    }
+    else
+    {
+        LogDebug( ( "MQTT_ProcessLoop successful." ) );
+        xReturnStatus = true;
+    }
+
+    return xReturnStatus;
+}
+/*-----------------------------------------------------------*/
+
+static uint32_t prvGetTimeMs( void )
+{
+    TickType_t xTickCount = 0;
+    uint32_t ulTimeMs = 0UL;
+
+    /* Get the current tick count. */
+    xTickCount = xTaskGetTickCount();
+
+    /* Convert the ticks to milliseconds. */
+    ulTimeMs = ( uint32_t ) xTickCount * mqttopMILLISECONDS_PER_TICK;
+
+    /* Reduce ulGlobalEntryTimeMs from obtained time so as to always return the
+     * elapsed time in the application. */
+    ulTimeMs = ( uint32_t ) ( ulTimeMs - ulGlobalEntryTimeMs );
+
+    return ulTimeMs;
+}
+
+/*-----------------------------------------------------------*/
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.h
new file mode 100644
index 000000000..35594a280
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/mqtt_operations.h
@@ -0,0 +1,116 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef MQTT_OPERATIONS_H_
+#define MQTT_OPERATIONS_H_
+
+/* MQTT API header. */
+#include "core_mqtt.h"
+
+/* corePKCS11 include. */
+#include "core_pkcs11.h"
+
+/**
+ * @brief Application callback type to handle the incoming publishes.
+ *
+ * @param[in] pxPublishInfo Pointer to publish info of the incoming publish.
+ * @param[in] usPacketIdentifier Packet identifier of the incoming publish.
+ */
+typedef void (* MQTTPublishCallback_t )( MQTTPublishInfo_t * pxPublishInfo,
+                                         uint16_t usPacketIdentifier );
+
+/**
+ * @brief Establish a MQTT connection.
+ *
+ * @param[in] xPublishCallback The callback function to receive incoming
+ * publishes from the MQTT broker.
+ * @param[in] pcClientCertLabel The client certificate PKCS #11 label to use.
+ * @param[in] pcPrivateKeyLabel The private key PKCS #11 label for the client certificate.
+ *
+ * @return true if an MQTT session is established;
+ * false otherwise.
+ */
+bool xEstablishMqttSession( MQTTPublishCallback_t xPublishCallback,
+                            char * pcClientCertLabel,
+                            char * pcPrivateKeyLabel );
+
+/**
+ * @brief Disconnect the MQTT connection.
+ *
+ * @return true if the MQTT session was successfully disconnected;
+ * false otherwise.
+ */
+bool xDisconnectMqttSession( void );
+
+/**
+ * @brief Subscribe to a MQTT topic filter.
+ *
+ * @param[in] pcTopicFilter The topic filter to subscribe to.
+ * @param[in] usTopicFilterLength Length of the topic buffer.
+ *
+ * @return true if subscribe operation was successful;
+ * false otherwise.
+ */
+bool xSubscribeToTopic( const char * pcTopicFilter,
+                        uint16_t usTopicFilterLength );
+
+/**
+ * @brief Unsubscribe from a MQTT topic filter.
+ *
+ * @param[in] pcTopicFilter The topic filter to unsubscribe from.
+ * @param[in] usTopicFilterLength Length of the topic buffer.
+ *
+ * @return true if unsubscribe operation was successful;
+ * false otherwise.
+ */
+bool xUnsubscribeFromTopic( const char * pcTopicFilter,
+                            uint16_t usTopicFilterLength );
+
+/**
+ * @brief Publish a message to a MQTT topic.
+ *
+ * @param[in] pcTopic The topic to publish the message on.
+ * @param[in] usTopicLength Length of the topic.
+ * @param[in] pcMessage The message to publish.
+ * @param[in] xMessageLength Length of the message.
+ *
+ * @return true if PUBLISH was successfully sent;
+ * false otherwise.
+ */
+bool xPublishToTopic( const char * pcTopic,
+                      uint16_t usTopicLength,
+                      const char * pcMessage,
+                      size_t xMessageLength );
+
+/**
+ * @brief Invoke the core MQTT library's process loop function.
+ *
+ * @return true if process loop was successful;
+ * false otherwise.
+ */
+bool xProcessLoop( void );
+
+#endif /* ifndef MQTT_OPERATIONS_H_ */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
new file mode 100644
index 000000000..9b5a34b98
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
@@ -0,0 +1,691 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/**
+ * @file pkcs11_operations.c
+ *
+ * @brief This file provides wrapper functions for PKCS11 operations.
+ */
+
+/* Standard includes. */
+#include <errno.h>
+#include <assert.h>
+
+/* Config include. */
+#include "demo_config.h"
+
+/* Interface include. */
+#include "pkcs11_operations.h"
+
+/* PKCS #11 include. */
+#include "core_pkcs11_config.h"
+#include "core_pki_utils.h"
+#include "mbedtls_utils.h"
+
+/* MbedTLS include. */
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+
+/**
+ * @brief Represents string to be logged when mbedTLS returned error
+ * does not contain a high-level code.
+ */
+static const char * pcNoHighLevelMbedTlsCodeStr = "<No-High-Level-Code>";
+
+/**
+ * @brief Represents string to be logged when mbedTLS returned error
+ * does not contain a low-level code.
+ */
+static const char * pcNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>";
+
+/**
+ * @brief Utility for converting the high-level code in an mbedTLS error to
+ * string, if the code-contains a high-level code; otherwise, using a default
+ * string.
+ */
+#define mbedtlsHighLevelCodeOrDefault( mbedTlsCode )     \
+    ( mbedtls_high_level_strerr( mbedTlsCode ) != NULL ) \
+    ? mbedtls_high_level_strerr( mbedTlsCode )           \
+    : pcNoHighLevelMbedTlsCodeStr
+
+/**
+ * @brief Utility for converting the level-level code in an mbedTLS error to
+ * string, if the code-contains a level-level code; otherwise, using a default
+ * string.
+ */
+#define mbedtlsLowLevelCodeOrDefault( mbedTlsCode )     \
+    ( mbedtls_low_level_strerr( mbedTlsCode ) != NULL ) \
+    ? mbedtls_low_level_strerr( mbedTlsCode )           \
+    : pcNoLowLevelMbedTlsCodeStr
+
+/**
+ * @brief Struct containing parameters needed by the signing callback.
+ */
+typedef struct SigningCallbackContext
+{
+    CK_SESSION_HANDLE p11Session;
+    CK_OBJECT_HANDLE p11PrivateKey;
+} SigningCallbackContext_t;
+
+/**
+ * @brief Parameters for the signing callback. This needs to be global as
+ * MbedTLS passes the key context to the signing function, so we cannot pass
+ * our own.
+ */
+static SigningCallbackContext_t xSigningContext = { 0 };
+
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Delete the specified crypto object from storage.
+ *
+ * @param[in] xSession The PKCS #11 session.
+ * @param[in] pxPkcsLabelsPtr The list of labels to remove.
+ * @param[in] pxClass The list of corresponding classes.
+ * @param[in] xCount The length of #pxPkcsLabelsPtr and #pxClass.
+ */
+static CK_RV prvDestroyProvidedObjects( CK_SESSION_HANDLE xSession,
+                                        CK_BYTE_PTR * pxPkcsLabelsPtr,
+                                        CK_OBJECT_CLASS * pxClass,
+                                        CK_ULONG xCount );
+
+/**
+ * @brief Read the specified ECDSA public key into the MbedTLS ECDSA context.
+ *
+ * @param[in] xP11Session The PKCS #11 session.
+ * @param[in] pxEcdsaContext The context in which to store the key.
+ * @param[in] xPublicKey The public key to read.
+ */
+static int prvExtractEcPublicKey( CK_SESSION_HANDLE xP11Session,
+                                  mbedtls_ecdsa_context * pxEcdsaContext,
+                                  CK_OBJECT_HANDLE xPublicKey );
+
+/**
+ * @brief MbedTLS callback for signing using the provisioned private key. Used for
+ * signing the CSR.
+ *
+ * @param[in] pxContext Unused.
+ * @param[in] xMdAlg Unused.
+ * @param[in] pucHash Data to sign.
+ * @param[in] xHashLen Length of #pucHash.
+ * @param[out] pucSig The signature
+ * @param[out] pxSigLen The length of the signature.
+ * @param[in] pxRng Unused.
+ * @param[in] pxRngContext Unused.
+ */
+static int32_t prvPrivateKeySigningCallback( void * pxContext,
+                                             mbedtls_md_type_t xMdAlg,
+                                             const unsigned char * pucHash,
+                                             size_t xHashLen,
+                                             unsigned char * pucSig,
+                                             size_t * pxSigLen,
+                                             int ( * pxRng )( void *, unsigned char *, size_t ),
+                                             void * pxRngContext );
+
+/**
+ * @brief MbedTLS random generation callback to generate random values with
+ * PKCS #11.
+ *
+ * @param[in] pxCtx Pointer to the PKCS #11 session handle.
+ * @param[out] pucRandom Buffer to write random data to.
+ * @param[in] xRandomLength Length of random data to write.
+ */
+static int prvRandomCallback( void * pxCtx,
+                              unsigned char * pucRandom,
+                              size_t xRandomLength );
+
+/**
+ * @brief Generate a new ECDSA key pair using PKCS #11.
+ *
+ * @param[in] xSession The PKCS #11 session.
+ * @param[in] pcPrivateKeyLabel The label to store the private key.
+ * @param[in] pcPublicKeyLabel The label to store the public key.
+ * @param[out] xPrivateKeyHandlePtr The handle of the private key.
+ * @param[out] xPublicKeyHandlePtr The handle of the public key.
+ */
+static CK_RV prvGenerateKeyPairEC( CK_SESSION_HANDLE xSession,
+                                   const char * pcPrivateKeyLabel,
+                                   const char * pcPublicKeyLabel,
+                                   CK_OBJECT_HANDLE_PTR xPrivateKeyHandlePtr,
+                                   CK_OBJECT_HANDLE_PTR xPublicKeyHandlePtr );
+
+/*-----------------------------------------------------------*/
+
+static CK_RV prvDestroyProvidedObjects( CK_SESSION_HANDLE xSession,
+                                        CK_BYTE_PTR * pxPkcsLabelsPtr,
+                                        CK_OBJECT_CLASS * pxClass,
+                                        CK_ULONG xCount )
+{
+    CK_RV xResult;
+    CK_FUNCTION_LIST_PTR xFunctionList;
+    CK_OBJECT_HANDLE xObjectHandle;
+    CK_BYTE * pxLabelPtr;
+    CK_ULONG xIndex = 0;
+
+    xResult = C_GetFunctionList( &xFunctionList );
+
+    if( xResult != CKR_OK )
+    {
+        LogError( ( "Could not get a PKCS #11 function pointer." ) );
+    }
+    else
+    {
+        for( xIndex = 0; xIndex < xCount; xIndex++ )
+        {
+            pxLabelPtr = pxPkcsLabelsPtr[ xIndex ];
+
+            xResult = xFindObjectWithLabelAndClass( xSession, ( char * ) pxLabelPtr,
+                                                    strnlen( ( char * ) pxLabelPtr, pkcs11configMAX_LABEL_LENGTH ),
+                                                    pxClass[ xIndex ], &xObjectHandle );
+
+            while( ( xResult == CKR_OK ) && ( xObjectHandle != CK_INVALID_HANDLE ) )
+            {
+                xResult = xFunctionList->C_DestroyObject( xSession, xObjectHandle );
+
+                /* PKCS #11 allows a module to maintain multiple objects with the same
+                 * label and type. The intent of this loop is to try to delete all of
+                 * them. However, to avoid getting stuck, we won't try to find another
+                 * object of the same label/type if the previous delete failed. */
+                if( xResult == CKR_OK )
+                {
+                    xResult = xFindObjectWithLabelAndClass( xSession, ( char * ) pxLabelPtr,
+                                                            strnlen( ( char * ) pxLabelPtr, pkcs11configMAX_LABEL_LENGTH ),
+                                                            pxClass[ xIndex ], &xObjectHandle );
+                }
+                else
+                {
+                    break;
+                }
+            }
+        }
+    }
+
+    return xResult;
+}
+
+/*-----------------------------------------------------------*/
+
+static int prvExtractEcPublicKey( CK_SESSION_HANDLE xP11Session,
+                                  mbedtls_ecdsa_context * pxEcdsaContext,
+                                  CK_OBJECT_HANDLE xPublicKey )
+{
+    CK_ATTRIBUTE xEcTemplate = { 0 };
+    int xMbedtlsRet = -1;
+    CK_RV xPkcs11ret = CKR_OK;
+    CK_BYTE pxEcPoint[ 67 ] = { 0 };
+    CK_FUNCTION_LIST_PTR xP11FunctionList;
+
+    mbedtls_ecdsa_init( pxEcdsaContext );
+    mbedtls_ecp_group_init( &( pxEcdsaContext->grp ) );
+
+    xPkcs11ret = C_GetFunctionList( &xP11FunctionList );
+
+    if( xPkcs11ret != CKR_OK )
+    {
+        LogError( ( "Could not get a PKCS #11 function pointer." ) );
+    }
+    else
+    {
+        xEcTemplate.type = CKA_EC_POINT;
+        xEcTemplate.pValue = pxEcPoint;
+        xEcTemplate.ulValueLen = sizeof( pxEcPoint );
+        xPkcs11ret = xP11FunctionList->C_GetAttributeValue( xP11Session, xPublicKey, &xEcTemplate, 1 );
+
+        if( xPkcs11ret != CKR_OK )
+        {
+            LogError( ( "Failed to extract EC public key. Could not get attribute value. "
+                        "C_GetAttributeValue failed with %lu.", xPkcs11ret ) );
+        }
+    }
+
+    if( xPkcs11ret == CKR_OK )
+    {
+        xMbedtlsRet = mbedtls_ecp_group_load( &( pxEcdsaContext->grp ), MBEDTLS_ECP_DP_SECP256R1 );
+
+        if( xMbedtlsRet != 0 )
+        {
+            LogError( ( "Failed creating an EC key. "
+                        "mbedtls_ecp_group_load failed: MbedTLS"
+                        "error = %s : %s.",
+                        mbedtlsHighLevelCodeOrDefault( xMbedtlsRet ),
+                        mbedtlsLowLevelCodeOrDefault( xMbedtlsRet ) ) );
+            xPkcs11ret = CKR_FUNCTION_FAILED;
+        }
+        else
+        {
+            xMbedtlsRet = mbedtls_ecp_point_read_binary( &( pxEcdsaContext->grp ), &( pxEcdsaContext->Q ), &pxEcPoint[ 2 ], xEcTemplate.ulValueLen - 2 );
+
+            if( xMbedtlsRet != 0 )
+            {
+                LogError( ( "Failed creating an EC key. "
+                            "mbedtls_ecp_group_load failed: MbedTLS"
+                            "error = %s : %s.",
+                            mbedtlsHighLevelCodeOrDefault( xMbedtlsRet ),
+                            mbedtlsLowLevelCodeOrDefault( xMbedtlsRet ) ) );
+                xPkcs11ret = CKR_FUNCTION_FAILED;
+            }
+        }
+    }
+
+    return xMbedtlsRet;
+}
+
+/*-----------------------------------------------------------*/
+
+static int32_t prvPrivateKeySigningCallback( void * pxContext,
+                                             mbedtls_md_type_t xMdAlg,
+                                             const unsigned char * pucHash,
+                                             size_t xHashLen,
+                                             unsigned char * pucSig,
+                                             size_t * pxSigLen,
+                                             int ( * pxRng )( void *, unsigned char *, size_t ),
+                                             void * pxRngContext )
+{
+    CK_RV xRet = CKR_OK;
+    int32_t usResult = 0;
+    CK_MECHANISM xMech = { 0 };
+    CK_BYTE pxToBeSigned[ 256 ];
+    CK_ULONG xToBeSignedLen = sizeof( pxToBeSigned );
+    CK_FUNCTION_LIST_PTR xFunctionList = NULL;
+
+    /* Unreferenced parameters. */
+    ( void ) ( pxContext );
+    ( void ) ( pxRng );
+    ( void ) ( pxRngContext );
+    ( void ) ( xMdAlg );
+
+    /* Sanity check buffer length. */
+    if( xHashLen > sizeof( pxToBeSigned ) )
+    {
+        xRet = CKR_ARGUMENTS_BAD;
+    }
+
+    xMech.mechanism = CKM_ECDSA;
+    memcpy( pxToBeSigned, pucHash, xHashLen );
+    xToBeSignedLen = xHashLen;
+
+    if( xRet == CKR_OK )
+    {
+        xRet = C_GetFunctionList( &xFunctionList );
+    }
+
+    if( xRet == CKR_OK )
+    {
+        xRet = xFunctionList->C_SignInit( xSigningContext.p11Session, &xMech,
+                                          xSigningContext.p11PrivateKey );
+    }
+
+    if( xRet == CKR_OK )
+    {
+        *pxSigLen = sizeof( pxToBeSigned );
+        xRet = xFunctionList->C_Sign( xSigningContext.p11Session, pxToBeSigned,
+                                      xToBeSignedLen, pucSig, ( CK_ULONG_PTR ) pxSigLen );
+    }
+
+    if( xRet == CKR_OK )
+    {
+        /* PKCS #11 for P256 returns a 64-byte signature with 32 bytes for R and 32
+         * bytes for S. This must be converted to an ASN.1 encoded array. */
+        if( *pxSigLen != pkcs11ECDSA_P256_SIGNATURE_LENGTH )
+        {
+            xRet = CKR_FUNCTION_FAILED;
+            LogError( ( "Failed to sign message using PKCS #11. Expected signature "
+                        "length of %lu, but received %lu.",
+                        ( unsigned long ) pkcs11ECDSA_P256_SIGNATURE_LENGTH,
+                        ( unsigned long ) *pxSigLen ) );
+        }
+
+        if( xRet == CKR_OK )
+        {
+            PKI_pkcs11SignatureTombedTLSSignature( pucSig, pxSigLen );
+        }
+    }
+
+    if( xRet != CKR_OK )
+    {
+        LogError( ( "Failed to sign message using PKCS #11 with error code %lu.", xRet ) );
+        usResult = -1;
+    }
+
+    return usResult;
+}
+
+/*-----------------------------------------------------------*/
+
+static int prvRandomCallback( void * pxCtx,
+                              unsigned char * pucRandom,
+                              size_t xRandomLength )
+{
+    CK_SESSION_HANDLE * pxP11Session = ( CK_SESSION_HANDLE * ) pxCtx;
+    CK_RV xRes;
+    CK_FUNCTION_LIST_PTR xP11FunctionList;
+
+    xRes = C_GetFunctionList( &xP11FunctionList );
+
+    if( xRes != CKR_OK )
+    {
+        LogError( ( "Failed to generate a random number in RNG callback. Could not get a "
+                    "PKCS #11 function pointer." ) );
+    }
+    else
+    {
+        xRes = xP11FunctionList->C_GenerateRandom( *pxP11Session, pucRandom, xRandomLength );
+
+        if( xRes != CKR_OK )
+        {
+            LogError( ( "Failed to generate a random number in RNG callback. "
+                        "C_GenerateRandom failed with %lu.", ( unsigned long ) xRes ) );
+        }
+    }
+
+    return ( int ) xRes;
+}
+
+/*-----------------------------------------------------------*/
+
+static CK_RV prvGenerateKeyPairEC( CK_SESSION_HANDLE xSession,
+                                   const char * pcPrivateKeyLabel,
+                                   const char * pcPublicKeyLabel,
+                                   CK_OBJECT_HANDLE_PTR xPrivateKeyHandlePtr,
+                                   CK_OBJECT_HANDLE_PTR xPublicKeyHandlePtr )
+{
+    CK_RV xResult;
+    CK_MECHANISM xMechanism = { CKM_EC_KEY_PAIR_GEN, NULL_PTR, 0 };
+    CK_FUNCTION_LIST_PTR xFunctionList;
+    CK_BYTE pxEcParams[] = pkcs11DER_ENCODED_OID_P256; /* prime256v1 */
+    CK_KEY_TYPE xKeyType = CKK_EC;
+
+    CK_BBOOL xTrueObject = CK_TRUE;
+    CK_ATTRIBUTE pxPublicKeyTemplate[] =
+    {
+        { CKA_KEY_TYPE,  NULL /* &keyType */,         sizeof( xKeyType )             },
+        { CKA_VERIFY,    NULL /* &trueObject */,      sizeof( xTrueObject )          },
+        { CKA_EC_PARAMS, NULL /* ecParams */,         sizeof( pxEcParams )           },
+        { CKA_LABEL,     ( void * ) pcPublicKeyLabel, strnlen( pcPublicKeyLabel, pkcs11configMAX_LABEL_LENGTH )}
+    };
+
+    /* Aggregate initializers must not use the address of an automatic variable. */
+    pxPublicKeyTemplate[ 0 ].pValue = &xKeyType;
+    pxPublicKeyTemplate[ 1 ].pValue = &xTrueObject;
+    pxPublicKeyTemplate[ 2 ].pValue = &pxEcParams;
+
+    CK_ATTRIBUTE privateKeyTemplate[] =
+    {
+        { CKA_KEY_TYPE, NULL /* &keyType */,          sizeof( xKeyType )             },
+        { CKA_TOKEN,    NULL /* &trueObject */,       sizeof( xTrueObject )          },
+        { CKA_PRIVATE,  NULL /* &trueObject */,       sizeof( xTrueObject )          },
+        { CKA_SIGN,     NULL /* &trueObject */,       sizeof( xTrueObject )          },
+        { CKA_LABEL,    ( void * ) pcPrivateKeyLabel, strnlen( pcPrivateKeyLabel, pkcs11configMAX_LABEL_LENGTH )}
+    };
+
+    /* Aggregate initializers must not use the address of an automatic variable. */
+    privateKeyTemplate[ 0 ].pValue = &xKeyType;
+    privateKeyTemplate[ 1 ].pValue = &xTrueObject;
+    privateKeyTemplate[ 2 ].pValue = &xTrueObject;
+    privateKeyTemplate[ 3 ].pValue = &xTrueObject;
+
+    xResult = C_GetFunctionList( &xFunctionList );
+
+    if( xResult != CKR_OK )
+    {
+        LogError( ( "Could not get a PKCS #11 function pointer." ) );
+    }
+    else
+    {
+        xResult = xFunctionList->C_GenerateKeyPair( xSession,
+                                                    &xMechanism,
+                                                    pxPublicKeyTemplate,
+                                                    sizeof( pxPublicKeyTemplate ) / sizeof( CK_ATTRIBUTE ),
+                                                    privateKeyTemplate, sizeof( privateKeyTemplate ) / sizeof( CK_ATTRIBUTE ),
+                                                    xPublicKeyHandlePtr,
+                                                    xPrivateKeyHandlePtr );
+    }
+
+    return xResult;
+}
+
+/*-----------------------------------------------------------*/
+
+bool xGenerateKeyAndCsr( CK_SESSION_HANDLE xP11Session,
+                         const char * pcPrivKeyLabel,
+                         const char * pcPubKeyLabel,
+                         char * pcCsrBuffer,
+                         size_t xCsrBufferLength,
+                         size_t * pxOutCsrLength )
+{
+    CK_OBJECT_HANDLE xPrivKeyHandle;
+    CK_OBJECT_HANDLE xPubKeyHandle;
+    CK_RV xPkcs11Ret = CKR_OK;
+    mbedtls_pk_context xPrivKey;
+    mbedtls_pk_info_t xPrivKeyInfo;
+    mbedtls_ecdsa_context xEcdsaContext;
+    mbedtls_x509write_csr xReq;
+    int32_t ulMbedtlsRet = -1;
+    const mbedtls_pk_info_t * pxHeader = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
+
+    configASSERT( pcPrivKeyLabel != NULL );
+    configASSERT( pcPubKeyLabel != NULL );
+    configASSERT( pcCsrBuffer != NULL );
+    configASSERT( pxOutCsrLength != NULL );
+
+    xPkcs11Ret = prvGenerateKeyPairEC( xP11Session,
+                                       pcPrivKeyLabel,
+                                       pcPubKeyLabel,
+                                       &xPrivKeyHandle,
+                                       &xPubKeyHandle );
+
+    if( xPkcs11Ret == CKR_OK )
+    {
+        mbedtls_x509write_csr_init( &xReq );
+        mbedtls_x509write_csr_set_md_alg( &xReq, MBEDTLS_MD_SHA256 );
+
+        ulMbedtlsRet = mbedtls_x509write_csr_set_key_usage( &xReq, MBEDTLS_X509_KU_DIGITAL_SIGNATURE );
+
+        if( ulMbedtlsRet == 0 )
+        {
+            ulMbedtlsRet = mbedtls_x509write_csr_set_ns_cert_type( &xReq, MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT );
+        }
+
+        if( ulMbedtlsRet == 0 )
+        {
+            ulMbedtlsRet = mbedtls_x509write_csr_set_subject_name( &xReq, democonfigCSR_SUBJECT_NAME );
+        }
+
+        if( ulMbedtlsRet == 0 )
+        {
+            mbedtls_pk_init( &xPrivKey );
+        }
+
+        if( ulMbedtlsRet == 0 )
+        {
+            ulMbedtlsRet = prvExtractEcPublicKey( xP11Session, &xEcdsaContext, xPubKeyHandle );
+        }
+
+        if( ulMbedtlsRet == 0 )
+        {
+            xSigningContext.p11Session = xP11Session;
+            xSigningContext.p11PrivateKey = xPrivKeyHandle;
+
+            memcpy( &xPrivKeyInfo, pxHeader, sizeof( mbedtls_pk_info_t ) );
+
+            xPrivKeyInfo.sign_func = prvPrivateKeySigningCallback;
+            xPrivKey.pk_info = &xPrivKeyInfo;
+            xPrivKey.pk_ctx = &xEcdsaContext;
+
+            mbedtls_x509write_csr_set_key( &xReq, &xPrivKey );
+
+            ulMbedtlsRet = mbedtls_x509write_csr_pem( &xReq, ( unsigned char * ) pcCsrBuffer,
+                                                      xCsrBufferLength, &prvRandomCallback,
+                                                      &xP11Session );
+        }
+
+        mbedtls_x509write_csr_free( &xReq );
+        mbedtls_ecdsa_free( &xEcdsaContext );
+        mbedtls_ecp_group_free( &( xEcdsaContext.grp ) );
+    }
+
+    *pxOutCsrLength = strlen( pcCsrBuffer );
+
+    return( ulMbedtlsRet == 0 );
+}
+
+/*-----------------------------------------------------------*/
+
+bool xLoadCertificate( CK_SESSION_HANDLE xP11Session,
+                       const char * pcCertificate,
+                       const char * pcLabel,
+                       size_t xCertificateLength )
+{
+    PKCS11_CertificateTemplate_t xCertificateTemplate;
+    CK_OBJECT_CLASS xCertificateClass = CKO_CERTIFICATE;
+    CK_CERTIFICATE_TYPE xCertificateType = CKC_X_509;
+    CK_FUNCTION_LIST_PTR xFunctionList = NULL;
+    CK_RV xResult = CKR_OK;
+    uint8_t * pucDerObject = NULL;
+    int32_t ulConversion = 0;
+    size_t xDerLen = 0;
+    CK_BBOOL xTokenStorage = CK_TRUE;
+    CK_BYTE pxSubject[] = "TestSubject";
+    CK_OBJECT_HANDLE xObjectHandle = CK_INVALID_HANDLE;
+
+    configASSERT( pcLabel != NULL );
+
+    if( pcCertificate == NULL )
+    {
+        LogError( ( "Certificate cannot be null." ) );
+        xResult = CKR_ATTRIBUTE_VALUE_INVALID;
+    }
+
+    if( xResult == CKR_OK )
+    {
+        /* Convert the certificate to DER format from PEM. The DER key should
+         * be about 3/4 the size of the PEM key, so mallocing the PEM key size
+         * is sufficient. */
+        pucDerObject = ( uint8_t * ) malloc( xCertificateLength + 1 );
+        xDerLen = xCertificateLength + 1;
+
+        if( pucDerObject != NULL )
+        {
+            ulConversion = convert_pem_to_der( ( unsigned char * ) pcCertificate,
+                                               xCertificateLength + 1,
+                                               pucDerObject, &xDerLen );
+
+            if( 0 != ulConversion )
+            {
+                LogError( ( "Failed to convert provided certificate." ) );
+                xResult = CKR_ARGUMENTS_BAD;
+            }
+        }
+        else
+        {
+            LogError( ( "Failed to allocate buffer for converting certificate to DER." ) );
+            xResult = CKR_HOST_MEMORY;
+        }
+    }
+
+    if( xResult == CKR_OK )
+    {
+        xResult = C_GetFunctionList( &xFunctionList );
+
+        if( xResult != CKR_OK )
+        {
+            LogError( ( "Could not get a PKCS #11 function pointer." ) );
+        }
+    }
+
+    if( xResult == CKR_OK )
+    {
+        /* Initialize the client certificate template. */
+        xCertificateTemplate.xObjectClass.type = CKA_CLASS;
+        xCertificateTemplate.xObjectClass.pValue = &xCertificateClass;
+        xCertificateTemplate.xObjectClass.ulValueLen = sizeof( xCertificateClass );
+        xCertificateTemplate.xSubject.type = CKA_SUBJECT;
+        xCertificateTemplate.xSubject.pValue = pxSubject;
+        xCertificateTemplate.xSubject.ulValueLen = strlen( ( const char * ) pxSubject );
+        xCertificateTemplate.xValue.type = CKA_VALUE;
+        xCertificateTemplate.xValue.pValue = pucDerObject;
+        xCertificateTemplate.xValue.ulValueLen = xDerLen;
+        xCertificateTemplate.xLabel.type = CKA_LABEL;
+        xCertificateTemplate.xLabel.pValue = ( CK_VOID_PTR ) pcLabel;
+        xCertificateTemplate.xLabel.ulValueLen = strnlen( pcLabel, pkcs11configMAX_LABEL_LENGTH );
+        xCertificateTemplate.xCertificateType.type = CKA_CERTIFICATE_TYPE;
+        xCertificateTemplate.xCertificateType.pValue = &xCertificateType;
+        xCertificateTemplate.xCertificateType.ulValueLen = sizeof( CK_CERTIFICATE_TYPE );
+        xCertificateTemplate.xTokenObject.type = CKA_TOKEN;
+        xCertificateTemplate.xTokenObject.pValue = &xTokenStorage;
+        xCertificateTemplate.xTokenObject.ulValueLen = sizeof( xTokenStorage );
+
+        /* Best effort clean-up of the existing object, if it exists. */
+        prvDestroyProvidedObjects( xP11Session, ( CK_BYTE_PTR * ) &pcLabel, &xCertificateClass, 1 );
+
+        /* Create an object using the encoded client certificate. */
+        LogInfo( ( "Writing certificate into label \"%s\".", pcLabel ) );
+
+        xResult = xFunctionList->C_CreateObject( xP11Session,
+                                                 ( CK_ATTRIBUTE_PTR ) &xCertificateTemplate,
+                                                 sizeof( xCertificateTemplate ) / sizeof( CK_ATTRIBUTE ),
+                                                 &xObjectHandle );
+    }
+
+    if( pucDerObject != NULL )
+    {
+        free( pucDerObject );
+    }
+
+    return( xResult == CKR_OK );
+}
+
+/*-----------------------------------------------------------*/
+
+bool xPkcs11CloseSession( CK_SESSION_HANDLE xP11Session )
+{
+    CK_RV xResult = CKR_OK;
+    CK_FUNCTION_LIST_PTR xFunctionList = NULL;
+
+    xResult = C_GetFunctionList( &xFunctionList );
+
+    if( xResult == CKR_OK )
+    {
+        xResult = xFunctionList->C_CloseSession( xP11Session );
+    }
+
+    if( xResult == CKR_OK )
+    {
+        xResult = xFunctionList->C_Finalize( NULL );
+    }
+
+    return( xResult == CKR_OK );
+}
+
+/*-----------------------------------------------------------*/
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.h
new file mode 100644
index 000000000..cb4511833
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.h
@@ -0,0 +1,85 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+#ifndef PKCS11_OPERATIONS_H_
+#define PKCS11_OPERATIONS_H_
+
+/* Standard includes. */
+#include <stdlib.h>
+#include <stdbool.h>
+
+/* corePKCS11 include. */
+#include "core_pkcs11.h"
+
+/**
+ * @brief Generate a new public-private key pair in the PKCS #11 module, and
+ * generate a certificate signing request (CSR) for them.
+ *
+ * This device-generated private key and CSR can be used with the
+ * CreateCertificateFromCsr API of the the Fleet Provisioning feature of AWS IoT
+ * Core in order to provision a unique client certificate.
+ *
+ * @param[in] xP11Session The PKCS #11 session to use.
+ * @param[in] pcPrivKeyLabel PKCS #11 label for the private key.
+ * @param[in] pcPubKeyLabel PKCS #11 label for the public key.
+ * @param[out] pcCsrBuffer The buffer to write the CSR to.
+ * @param[in] xCsrBufferLength Length of #pcCsrBuffer.
+ * @param[out] pcOutCsrLength The length of the written CSR.
+ *
+ * @return True on success.
+ */
+bool xGenerateKeyAndCsr( CK_SESSION_HANDLE xP11Session,
+                         const char * pcPrivKeyLabel,
+                         const char * pcPubKeyLabel,
+                         char * pcCsrBuffer,
+                         size_t xCsrBufferLength,
+                         size_t * pcOutCsrLength );
+
+/**
+ * @brief Save the device client certificate into the PKCS #11 module.
+ *
+ * @param[in] xP11Session The PKCS #11 session to use.
+ * @param[in] pcCertificate The certificate to save.
+ * @param[in] pcLabel PKCS #11 label for the certificate.
+ * @param[in] xCertificateLength Length of #pcCertificate.
+ *
+ * @return True on success.
+ */
+bool xLoadCertificate( CK_SESSION_HANDLE xP11Session,
+                       const char * pcCertificate,
+                       const char * pcLabel,
+                       size_t xCertificateLength );
+
+/**
+ * @brief Close the PKCS #11 session.
+ *
+ * @param[in] xP11Session The PKCS #11 session to use.
+ *
+ * @return True on success.
+ */
+bool xPkcs11CloseSession( CK_SESSION_HANDLE xP11Session );
+
+#endif /* ifndef PKCS11_OPERATIONS_H_ */
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.c
new file mode 100644
index 000000000..a85e3160f
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.c
@@ -0,0 +1,380 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/* FreeRTOS includes. */
+#include <FreeRTOS.h>
+
+/* TinyCBOR library for CBOR encoding and decoding operations. */
+#include "cbor.h"
+
+/* Demo config. */
+#include "demo_config.h"
+
+/* AWS IoT Fleet Provisioning Library. */
+#include "fleet_provisioning.h"
+
+/* Header include. */
+#include "tinycbor_serializer.h"
+/*-----------------------------------------------------------*/
+
+bool xGenerateCsrRequest( uint8_t * pucBuffer,
+                          size_t xBufferLength,
+                          const char * pcCsr,
+                          size_t xCsrLength,
+                          size_t * pxOutLengthWritten )
+{
+    CborEncoder xEncoder, xMapEncoder;
+    CborError xCborRet;
+
+    configASSERT( pucBuffer != NULL );
+    configASSERT( pcCsr != NULL );
+    configASSERT( pxOutLengthWritten != NULL );
+
+    /* For details on the CreateCertificatefromCsr request payload format, see:
+     * https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr-request-payload
+     */
+    cbor_encoder_init( &xEncoder, pucBuffer, xBufferLength, 0 );
+
+    /* The request document is a map with 1 key value pair. */
+    xCborRet = cbor_encoder_create_map( &xEncoder, &xMapEncoder, 1 );
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_stringz( &xMapEncoder, "certificateSigningRequest" );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_string( &xMapEncoder, pcCsr, xCsrLength );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encoder_close_container( &xEncoder, &xMapEncoder );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        *pxOutLengthWritten = cbor_encoder_get_buffer_size( &xEncoder, ( uint8_t * ) pucBuffer );
+    }
+    else
+    {
+        LogError( ( "Error during CBOR encoding: %s", cbor_error_string( xCborRet ) ) );
+
+        if( ( xCborRet & CborErrorOutOfMemory ) != 0 )
+        {
+            LogError( ( "Cannot fit CreateCertificateFromCsr request payload into buffer." ) );
+        }
+    }
+
+    return( xCborRet == CborNoError );
+}
+/*-----------------------------------------------------------*/
+
+bool xGenerateRegisterThingRequest( uint8_t * pucBuffer,
+                                    size_t xBufferLength,
+                                    const char * pcCertificateOwnershipToken,
+                                    size_t xCertificateOwnershipTokenLength,
+                                    const char * pcSerial,
+                                    size_t xSerialLength,
+                                    size_t * pxOutLengthWritten )
+{
+    CborEncoder xEncoder, xMapEncoder, xParametersEncoder;
+    CborError xCborRet;
+
+    configASSERT( pucBuffer != NULL );
+    configASSERT( pcCertificateOwnershipToken != NULL );
+    configASSERT( pcSerial != NULL );
+    configASSERT( pxOutLengthWritten != NULL );
+
+    /* For details on the RegisterThing request payload format, see:
+     * https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#register-thing-request-payload
+     */
+    cbor_encoder_init( &xEncoder, pucBuffer, xBufferLength, 0 );
+    /* The RegisterThing request payload is a map with two keys. */
+    xCborRet = cbor_encoder_create_map( &xEncoder, &xMapEncoder, 2 );
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_stringz( &xMapEncoder, "certificateOwnershipToken" );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_string( &xMapEncoder, pcCertificateOwnershipToken, xCertificateOwnershipTokenLength );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_stringz( &xMapEncoder, "parameters" );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        /* Parameters in this example is length 1. */
+        xCborRet = cbor_encoder_create_map( &xMapEncoder, &xParametersEncoder, 1 );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_stringz( &xParametersEncoder, "SerialNumber" );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encode_text_string( &xParametersEncoder, pcSerial, xSerialLength );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encoder_close_container( &xMapEncoder, &xParametersEncoder );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_encoder_close_container( &xEncoder, &xMapEncoder );
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        *pxOutLengthWritten = cbor_encoder_get_buffer_size( &xEncoder, ( uint8_t * ) pucBuffer );
+    }
+    else
+    {
+        LogError( ( "Error during CBOR encoding: %s", cbor_error_string( xCborRet ) ) );
+
+        if( ( xCborRet & CborErrorOutOfMemory ) != 0 )
+        {
+            LogError( ( "Cannot fit RegisterThing request payload into buffer." ) );
+        }
+    }
+
+    return( xCborRet == CborNoError );
+}
+/*-----------------------------------------------------------*/
+
+bool xParseCsrResponse( const uint8_t * pucResponse,
+                        size_t xLength,
+                        char * pcCertificateBuffer,
+                        size_t * pxCertificateBufferLength,
+                        char * pcCertificateIdBuffer,
+                        size_t * pxCertificateIdBufferLength,
+                        char * pcOwnershipTokenBuffer,
+                        size_t * pxOwnershipTokenBufferLength )
+{
+    CborError xCborRet;
+    CborParser xParser;
+    CborValue xMap;
+    CborValue xValue;
+
+    configASSERT( pucResponse != NULL );
+    configASSERT( pcCertificateBuffer != NULL );
+    configASSERT( pxCertificateBufferLength != NULL );
+    configASSERT( pcCertificateIdBuffer != NULL );
+    configASSERT( pxCertificateIdBufferLength != NULL );
+    configASSERT( *pxCertificateIdBufferLength >= 64 );
+    configASSERT( pcOwnershipTokenBuffer != NULL );
+    configASSERT( pxOwnershipTokenBufferLength != NULL );
+
+    /* For details on the CreateCertificatefromCsr response payload format, see:
+     * https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#register-thing-response-payload
+     */
+    xCborRet = cbor_parser_init( pucResponse, xLength, 0, &xParser, &xMap );
+
+    if( xCborRet != CborNoError )
+    {
+        LogError( ( "Error initializing parser for CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+    }
+    else if( !cbor_value_is_map( &xMap ) )
+    {
+        LogError( ( "CreateCertificateFromCsr response is not a valid map container type." ) );
+    }
+    else
+    {
+        xCborRet = cbor_value_map_find_value( &xMap, "certificatePem", &xValue );
+
+        if( xCborRet != CborNoError )
+        {
+            LogError( ( "Error searching CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+        }
+        else if( xValue.type == CborInvalidType )
+        {
+            LogError( ( "\"certificatePem\" not found in CreateCertificateFromCsr response." ) );
+        }
+        else if( xValue.type != CborTextStringType )
+        {
+            LogError( ( "Value for \"certificatePem\" key in CreateCertificateFromCsr response is not a text string type." ) );
+        }
+        else
+        {
+            xCborRet = cbor_value_copy_text_string( &xValue, pcCertificateBuffer, pxCertificateBufferLength, NULL );
+
+            if( xCborRet == CborErrorOutOfMemory )
+            {
+                size_t requiredLen = 0;
+                ( void ) cbor_value_calculate_string_length( &xValue, &requiredLen );
+                LogError( ( "Certificate buffer insufficiently large. Certificate length: %lu", ( unsigned long ) requiredLen ) );
+            }
+            else if( xCborRet != CborNoError )
+            {
+                LogError( ( "Failed to parse \"certificatePem\" value from CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+            }
+        }
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_value_map_find_value( &xMap, "certificateId", &xValue );
+
+        if( xCborRet != CborNoError )
+        {
+            LogError( ( "Error searching CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+        }
+        else if( xValue.type == CborInvalidType )
+        {
+            LogError( ( "\"certificateId\" not found in CreateCertificateFromCsr response." ) );
+        }
+        else if( xValue.type != CborTextStringType )
+        {
+            LogError( ( "\"certificateId\" is an unexpected type in CreateCertificateFromCsr response." ) );
+        }
+        else
+        {
+            xCborRet = cbor_value_copy_text_string( &xValue, pcCertificateIdBuffer, pxCertificateIdBufferLength, NULL );
+
+            if( xCborRet == CborErrorOutOfMemory )
+            {
+                size_t requiredLen = 0;
+                ( void ) cbor_value_calculate_string_length( &xValue, &requiredLen );
+                LogError( ( "Certificate ID buffer insufficiently large. Certificate ID length: %lu", ( unsigned long ) requiredLen ) );
+            }
+            else if( xCborRet != CborNoError )
+            {
+                LogError( ( "Failed to parse \"certificateId\" value from CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+            }
+        }
+    }
+
+    if( xCborRet == CborNoError )
+    {
+        xCborRet = cbor_value_map_find_value( &xMap, "certificateOwnershipToken", &xValue );
+
+        if( xCborRet != CborNoError )
+        {
+            LogError( ( "Error searching CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+        }
+        else if( xValue.type == CborInvalidType )
+        {
+            LogError( ( "\"certificateOwnershipToken\" not found in CreateCertificateFromCsr response." ) );
+        }
+        else if( xValue.type != CborTextStringType )
+        {
+            LogError( ( "\"certificateOwnershipToken\" is an unexpected type in CreateCertificateFromCsr response." ) );
+        }
+        else
+        {
+            xCborRet = cbor_value_copy_text_string( &xValue, pcOwnershipTokenBuffer, pxOwnershipTokenBufferLength, NULL );
+
+            if( xCborRet == CborErrorOutOfMemory )
+            {
+                size_t requiredLen = 0;
+                ( void ) cbor_value_calculate_string_length( &xValue, &requiredLen );
+                LogError( ( "Certificate ownership token buffer insufficiently large. Certificate ownership token buffer length: %lu", ( unsigned long ) requiredLen ) );
+            }
+            else if( xCborRet != CborNoError )
+            {
+                LogError( ( "Failed to parse \"certificateOwnershipToken\" value from CreateCertificateFromCsr response: %s.", cbor_error_string( xCborRet ) ) );
+            }
+        }
+    }
+
+    return( xCborRet == CborNoError );
+}
+/*-----------------------------------------------------------*/
+
+bool xParseRegisterThingResponse( const uint8_t * pucResponse,
+                                  size_t xLength,
+                                  char * pcThingNameBuffer,
+                                  size_t * pxThingNameBufferLength )
+{
+    CborError cborRet;
+    CborParser parser;
+    CborValue map;
+    CborValue value;
+
+    configASSERT( pucResponse != NULL );
+    configASSERT( pcThingNameBuffer != NULL );
+    configASSERT( pxThingNameBufferLength != NULL );
+
+    /* For details on the RegisterThing response payload format, see:
+     * https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#register-thing-response-payload
+     */
+    cborRet = cbor_parser_init( pucResponse, xLength, 0, &parser, &map );
+
+    if( cborRet != CborNoError )
+    {
+        LogError( ( "Error initializing parser for RegisterThing response: %s.", cbor_error_string( cborRet ) ) );
+    }
+    else if( !cbor_value_is_map( &map ) )
+    {
+        LogError( ( "RegisterThing response not a map type." ) );
+    }
+    else
+    {
+        cborRet = cbor_value_map_find_value( &map, "thingName", &value );
+
+        if( cborRet != CborNoError )
+        {
+            LogError( ( "Error searching RegisterThing response: %s.", cbor_error_string( cborRet ) ) );
+        }
+        else if( value.type == CborInvalidType )
+        {
+            LogError( ( "\"thingName\" not found in RegisterThing response." ) );
+        }
+        else if( value.type != CborTextStringType )
+        {
+            LogError( ( "\"thingName\" is an unexpected type in RegisterThing response." ) );
+        }
+        else
+        {
+            cborRet = cbor_value_copy_text_string( &value, pcThingNameBuffer, pxThingNameBufferLength, NULL );
+
+            if( cborRet == CborErrorOutOfMemory )
+            {
+                size_t requiredLen = 0;
+                ( void ) cbor_value_calculate_string_length( &value, &requiredLen );
+                LogError( ( "Thing name buffer insufficiently large. Thing name length: %lu", ( unsigned long ) requiredLen ) );
+            }
+            else if( cborRet != CborNoError )
+            {
+                LogError( ( "Failed to parse \"thingName\" value from RegisterThing response: %s.", cbor_error_string( cborRet ) ) );
+            }
+        }
+    }
+
+    return( cborRet == CborNoError );
+}
+/*-----------------------------------------------------------*/
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.h b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.h
new file mode 100644
index 000000000..db8802dc6
--- /dev/null
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/tinycbor_serializer.h
@@ -0,0 +1,115 @@
+/*
+ * FreeRTOS V202111.00
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * https://www.FreeRTOS.org
+ * https://github.com/FreeRTOS
+ *
+ */
+
+/**
+ * This file declares functions for serializing and parsing CBOR encoded Fleet
+ * Provisioning API payloads.
+ */
+
+/* Standard includes. */
+#include <stdlib.h>
+#include <stdint.h>
+#include <stdbool.h>
+
+/**
+ * @brief Creates the request payload to be published to the
+ * CreateCertificateFromCsr API in order to request a certificate from AWS IoT
+ * for the included Certificate Signing Request (CSR).
+ *
+ * @param[in] pucBuffer Buffer into which to write the publish request payload.
+ * @param[in] xBufferLength Length of #pucBuffer.
+ * @param[in] pcCsr The CSR to include in the request payload.
+ * @param[in] xCsrLength The length of #pcCsr.
+ * @param[out] pxOutLengthWritten The length of the publish request payload.
+ */
+bool xGenerateCsrRequest( uint8_t * pucBuffer,
+                          size_t xBufferLength,
+                          const char * pcCsr,
+                          size_t xCsrLength,
+                          size_t * pxOutLengthWritten );
+
+/**
+ * @brief Creates the request payload to be published to the RegisterThing API
+ * in order to activate the provisioned certificate and receive a Thing name.
+ *
+ * @param[in] pucBuffer Buffer into which to write the publish request payload.
+ * @param[in] xBufferLength Length of #buffer.
+ * @param[in] pcCertificateOwnershipToken The certificate's certificate
+ * ownership token.
+ * @param[in] xCertificateOwnershipTokenLength Length of
+ * #certificateOwnershipToken.
+ * @param[out] pxOutLengthWritten The length of the publish request payload.
+ */
+bool xGenerateRegisterThingRequest( uint8_t * pucBuffer,
+                                    size_t xBufferLength,
+                                    const char * pcCertificateOwnershipToken,
+                                    size_t xCertificateOwnershipTokenLength,
+                                    const char * pcSerial,
+                                    size_t xSerialLength,
+                                    size_t * pxOutLengthWritten );
+
+/**
+ * @brief Extracts the certificate, certificate ID, and certificate ownership
+ * token from a CreateCertificateFromCsr accepted response. These are copied
+ * to the provided buffers so that they can outlive the data in the response
+ * buffer and as CBOR strings may be chunked.
+ *
+ * @param[in] pucResponse The response payload.
+ * @param[in] xLength Length of #pucResponse.
+ * @param[in] pcCertificateBuffer The buffer to which to write the certificate.
+ * @param[in,out] pxCertificateBufferLength The length of #pcCertificateBuffer.
+ * The length written is output here.
+ * @param[in] pcCertificateIdBuffer The buffer to which to write the certificate
+ * ID.
+ * @param[in,out] pxCertificateIdBufferLength The length of
+ * #pcCertificateIdBuffer. The length written is output here.
+ * @param[in] pcOwnershipTokenBuffer The buffer to which to write the
+ * certificate ownership token.
+ * @param[in,out] pxOwnershipTokenBufferLength The length of
+ * #pcOwnershipTokenBuffer. The length written is output here.
+ */
+bool xParseCsrResponse( const uint8_t * pucResponse,
+                        size_t xLength,
+                        char * pcCertificateBuffer,
+                        size_t * pxCertificateBufferLength,
+                        char * pcCertificateIdBuffer,
+                        size_t * pxCertificateIdBufferLength,
+                        char * pcOwnershipTokenBuffer,
+                        size_t * pxOwnershipTokenBufferLength );
+
+/**
+ * @brief Extracts the Thing name from a RegisterThing accepted response.
+ *
+ * @param[in] pucResponse The response document.
+ * @param[in] xLength Length of #pucResponse.
+ * @param[in] pcThingNameBuffer The buffer to which to write the Thing name.
+ * @param[in,out] pxThingNameBufferLength The length of #pcThingNameBuffer. The
+ * written length is output here.
+ */
+bool xParseRegisterThingResponse( const uint8_t * pucResponse,
+                                  size_t xLength,
+                                  char * pcThingNameBuffer,
+                                  size_t * pxThingNameBufferLength );
diff --git a/FreeRTOS-Plus/Source/AWS/fleet-provisioning b/FreeRTOS-Plus/Source/AWS/fleet-provisioning
new file mode 160000
+Subproject 3ec98fc22a0a24f283e4129316bb403f28ea338
diff --git a/FreeRTOS-Plus/ThirdParty/tinycbor b/FreeRTOS-Plus/ThirdParty/tinycbor
new file mode 160000
+Subproject d393c16f3eb30d0c47e6f9d92db62272f0ec4dc
diff --git a/lexicon.txt b/lexicon.txt
index 232ef98b8..e3852c003 100644
--- a/lexicon.txt
+++ b/lexicon.txt
@@ -40,9 +40,9 @@ ansi
 ap
 apb
 api
+apireference
 apis
 apn
-
 app
 applicationexit
 appnote
@@ -213,6 +213,8 @@ cer
 cereg
 cerrorbuffer
 cert
+certificateid
+certificateownershiptoken
 certificatetemplate
 certprofile
 certs
@@ -233,6 +235,7 @@ checktimer
 checkval
 checkvalue
 checon
+chunked
 ci
 ciconfiguration
 circleos
@@ -296,10 +299,10 @@ comlast
 comm
 commandloop
 commecho
+commreceivecallbackthread
 comms
 commsfirst
 commslast
-commreceivecallbackthread
 commtaskthread
 commtaskthreadstarted
 comp
@@ -416,8 +419,11 @@ cqueuereievefromisr
 cread
 creadonlyarray
 creadwritearray
+createcertificatefromcsr
 createfile
 createfileforrx
+createkeysandcertificate
+creatething
 createthread
 creceivedstring
 credentialprovider
@@ -564,6 +570,7 @@ doxygen
 dpfpu
 dph
 dpl
+dptr
 dqp
 dr
 drbg
@@ -594,6 +601,8 @@ echobuffer
 echomultitx
 ecmd
 ecp
+ecparams
+ecparamsptr
 edbg
 edk
 edrx
@@ -759,18 +768,20 @@ flopc
 fm
 fmain
 fmx
+fn
 fnnnn
 foo
 fopen
 forcestall
 fosc
+fp
 fpe
 fpga
 fpidiv
 fpu
 fr
-france
 framming
+france
 fre
 fread
 freedomstudio
@@ -813,6 +824,7 @@ generatekeypair
 generaterandom
 genqmutex
 getc
+getcertificatefromcsr
 getcommand
 getdeviceserialnumber
 getfunctionlist
@@ -846,8 +858,8 @@ gpioe
 gpios
 greacefully
 grec
-gsm
 gree
+gsm
 hal
 halboardinit
 hallcd
@@ -1072,6 +1084,7 @@ katy
 kbhit
 keil
 keygen
+keytype
 khz
 kickstart
 knowns
@@ -1490,6 +1503,11 @@ pcapplicationhostnamehook
 pcattrib
 pcbuffer
 pcc
+pccertificate
+pccertificatebuffer
+pccertificateidbuffer
+pccertificateownershiptoken
+pcclientcertlabel
 pccmdintprocesscommand
 pccommand
 pccommandbuffer
@@ -1498,15 +1516,17 @@ pccommandstring
 pcconnectionack
 pccontentrangevalstr
 pccontentstype
+pccsr
+pccsrbuffer
 pccssitags
 pccurrentdir
 pcdata
 pcdatasentfrominterrupt
 pcdefenderresponse
-pcertfilepath
-pcextracontents
 pcellularcommcontext
 pcellularsocketcontext
+pcertfilepath
+pcextracontents
 pcfakestring
 pcfile
 pcfilebuffer
@@ -1522,6 +1542,7 @@ pcjobstatusreport
 pck
 pcks
 pcl
+pclabel
 pclabelname
 pclientcert
 pclientcertlabel
@@ -1529,6 +1550,7 @@ pclk
 pclkb
 pclwipappsblockinggettxbuffer
 pcmackey
+pcmessage
 pcmethod
 pcmyreply
 pcname
@@ -1540,10 +1562,17 @@ pcommportevent
 pcommtaskevent
 pcontext
 pcontextbuffer
+pcoutcsrlength
 pcoverflowedtask
+pcownershiptokenbuffer
 pcpath
 pcpayload
 pcprintgetnextmessage
+pcprivatekey
+pcprivatekeylabel
+pcprivkeylabel
+pcpubkeylabel
+pcpublickeylabel
 pcqueuegetname
 pcqueuename
 pcreceivedstring
@@ -1562,7 +1591,9 @@ pcstringtoreceive
 pcstringtosend
 pctaskname
 pcthingname
+pcthingnamebuffer
 pcto
+pctopic
 pctopicfilter
 pctopicfilterstring
 pctransmittedstring
@@ -1721,7 +1752,9 @@ prioity
 prioritisation
 prioritised
 prioritydefinitions
+privatekeyclass
 privatekeysize
+privatekeytype
 priviledged
 privkey
 privkeyinfo
@@ -1782,6 +1815,7 @@ prvexceptionhandler
 prvfirstregtesttask
 prvflashcoroutine
 prvflashtimercallback
+prvfleetprovisioningtask
 prvformatcommand
 prvgeneratedevicemetricsreport
 prvgetdisinheritpriorityaftertimeout
@@ -1966,7 +2000,9 @@ pucethernetbufferpointers
 puchash
 pucindex
 pucmessage
+pucpayloadbuffer
 pucrandom
+pucresponse
 pucsig
 pucsignature
 pucsignercert
@@ -2024,7 +2060,10 @@ pwr
 pxaddresslen
 pxbuffer
 pxcallback
+pxcertificatebufferlength
 pxcertificatecontext
+pxcertificateidbufferlength
+pxclass
 pxclient
 pxcommand
 pxcommandcontext
@@ -2035,6 +2074,10 @@ pxcontext
 pxctx
 pxcurrenttcb
 pxdeserializedinfo
+pxdptr
+pxecdsacontext
+pxecparams
+pxecparamsptr
 pxexpiredtimer
 pxfilesize
 pxftpclient
@@ -2046,6 +2089,7 @@ pxindex
 pxisrfunction
 pxknownmessage
 pxlist
+pxmbedpkcontext
 pxmetrics
 pxmqttcontext
 pxnetif
@@ -2056,14 +2100,19 @@ pxnext
 pxopenedinterfacehandle
 pxoutcharswritten
 pxoutconnectionsarray
+pxoutgoingpublishpackets
+pxoutlengthwritten
 pxoutnetworkstats
 pxoutnumestablishedconnections
 pxoutnumtcpopenports
 pxoutnumudpopenports
 pxoutreportlength
 pxoutreprotlength
+pxoutwrittenlength
+pxownershiptokenbufferlength
 pxpacketinfo
 pxpathlen
+pxpkcslabelsptr
 pxport
 pxpublishinfo
 pxqueue
@@ -2073,6 +2122,8 @@ pxrequestheaders
 pxrequestinfo
 pxresponse
 pxreturninfo
+pxrng
+pxrngcontext
 pxsiglen
 pxsigvcreds
 pxslotid
@@ -2083,6 +2134,7 @@ pxsubscriptionlist
 pxtaskbuffer
 pxtaskstatusarray
 pxtcb
+pxthingnamebufferlength
 pxtickstowait
 pxtimeout
 pxtimer
@@ -2150,6 +2202,7 @@ recvtimeout
 referencetimestamp
 reflash
 reg
+registerthing
 regtest
 reinitialise
 reinitialised
@@ -2174,6 +2227,7 @@ resetart
 resetprg
 resoltion
 resp
+responsebuffer
 responsesize
 resubscribe
 resubscribes
@@ -2490,11 +2544,11 @@ tcptesttcp
 tcptesttx
 td
 teardown
+tei
 telecom
 telekom
 telstra
 telus
-tei
 temo
 temt
 terraterm
@@ -2513,8 +2567,8 @@ tha
 thingname
 thingnamelength
 thr
-threadroutine
 thre
+threadroutine
 throwtheswitch
 ths
 tickless
@@ -2527,6 +2581,7 @@ timeoutvaluems
 timertest
 timertimer
 timeserver
+tinycbor
 tls
 tmr
 tmrdemoone
@@ -2551,6 +2606,7 @@ tracetask
 trafic
 transmaskget
 transmaskset
+transportinterface
 transportrecv
 transportsend
 transporttimeout
@@ -2564,6 +2620,7 @@ tris
 trmt
 trng
 truely
+trueobject
 trustzone
 tscr
 tskidle
@@ -2816,6 +2873,7 @@ usstacksize
 ustaskstacksize
 usthingnamelength
 ustopicfilterlength
+ustopiclength
 ustotallength
 utalised
 utc
@@ -3003,6 +3061,7 @@ vsetuptimertest
 vsimplesubscribepublishtask
 vstart
 vstartdefenderdemo
+vstartfleetprovisioningdemo
 vstartjobsdemo
 vstartmathtasks
 vstartotademo
@@ -3060,6 +3119,7 @@ wifisecurity
 wikipedia
 winavr
 winpcap
+winsim
 winsock
 witemlength
 witin
@@ -3102,6 +3162,8 @@ xc
 xcb
 xcdcusart
 xcerthandle
+xcertificatelength
+xcertificateownershiptokenlength
 xchecktaskbuffer
 xchecktaskstack
 xchecktimer
@@ -3119,8 +3181,12 @@ xconnectedsocket
 xconnectionsarraylength
 xcontrolmessagebuffer
 xcorebmessagebuffers
+xcount
+xcreatecleansession
 xcreatedtask
 xcreatortasktcbbuffer
+xcsrbufferlength
+xcsrlength
 xcurbyte
 xdatalength
 xdatamessagebuffers
@@ -3183,6 +3249,7 @@ xftpclientwork
 xglobalscopecheckqueue
 xglobalsubackstatus
 xhashalgorithm
+xhashlen
 xheapregions
 xheapstats
 xhelpcommand
@@ -3194,8 +3261,8 @@ xhow
 xilinx
 xincrement
 xindex
-xinterface
 xinputstrlen
+xinterface
 xinterruptcontroller
 xiptracevalues
 xirqrequest
@@ -3203,6 +3270,7 @@ xisrautoreloadtimer
 xisroneshottimer
 xisrstatus
 xitemvalue
+xkeytype
 xlastchecktime
 xlastcounttime
 xlastexecutiontime
@@ -3239,6 +3307,7 @@ xmessagebuffersend
 xmessagebuffersendfromisr
 xmessagecomplete
 xmessagecompletesemaphore
+xmessagelength
 xmessagelengths
 xmethodlen
 xmode
@@ -3294,9 +3363,14 @@ xportregistercinterrupthandler
 xportsystickhandler
 xpreparetasklists
 xprintqueue
+xprivatekeyhandleptr
+xprivatekeylength
 xprivilegedmodetaskbuffer
 xprivilegedmodetaskstack
 xprocessreceivedudppacket
+xpublickey
+xpublickeyhandleptr
+xpublishcallback
 xqos
 xqueue
 xqueueaddtoset
@@ -3366,6 +3440,7 @@ xreportlength
 xreportstatus
 xrequest
 xresponsecount
+xresponsestatus
 xresult
 xretrytimeoutticks
 xreturn
@@ -3408,6 +3483,7 @@ xserialportinit
 xserialportinitminimal
 xserialsendstring
 xserver
+xsession
 xsetupcomplete
 xsignature
 xsignaturelength
@@ -3503,6 +3579,7 @@ xtracerunning
 xtransfercompletedelay
 xtransfersocket
 xtransmitted
+xtrueobject
 xttcps
 xtxbuffermutex
 xtxdescriptors
diff --git a/manifest.yml b/manifest.yml
index 892d5eda1..77ed6b83f 100644
--- a/manifest.yml
+++ b/manifest.yml
@@ -136,4 +136,18 @@ dependencies:
       url: "https://github.com/FreeRTOS/FreeRTOS-Cellular-Interface.git"
       path: "FreeRTOS-Plus/Source/FreeRTOS-Cellular-Interface"
 
+  - name: "fleet-provisioning"
+    version: "3ec98fc"
+    repository:
+      type: "git"
+      url: "https://github.com/aws/Fleet-Provisioning-for-AWS-IoT-embedded-sdk.git"
+      path: "FreeRTOS-Plus/Source/AWS/fleet-provisioning"
+
+  - name: "tinycbor"
+    version: "v0.6.0"
+    repository:
+      type: "git"
+      url: "https://github.com/intel/tinycbor.git"
+      path: "FreeRTOS-Plus/ThirdParty/tinycbor"
+
 license: "MIT"